1
Module 4: Hash Functions
Highline Community College, Seattle University, University of Washington, in conjunction with the National Science Foundation
2
Definition of a Hash Function
- Originally created to verify that a transmission was successful
- If not, then the transmission would be re-sent
- Mainly error detection
- Newer ones are for data integrity
3
CRC – Cyclic Redundancy Check
- Checksum
- Detects errors after transmission or storage
- Problem – if you move a word in the document, but don’t delete it, the checksum remains the same
- Cannot be used reliably for data integrity
4
CRC – (page 2)
- Several varieties, 8 bit to 64 bit, a few 128 bit checksums
- Polynomials
  - CRC-1: x + 1 (used in hardware, also known as parity bit)
  - CRC-5: x^5 + x^2 + 1 (used in USB token packets)
  - CRC-7: x^7 + x^3 + 1 (used in some telecom systems)
  - CRC-12: x^12 + x^11 + x^3 + x^2 + x + 1 (used in telecom systems)
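Added example, not part of the original slides: a bitwise CRC over the four polynomials listed above, next to a plain byte-sum checksum. It shows the reordering blind spot with the byte sum and, for the CRCs, the linearity that makes them unsuitable for data integrity. The function names, the sample messages and the bit convention (MSB first, zero initial value, no final XOR) are assumptions made for the illustration.

```python
# Slide polynomials as bit masks (top term included).
POLYS = {
    "CRC-1": 0b11,              # x + 1 (parity bit)
    "CRC-5": 0b100101,          # x^5 + x^2 + 1
    "CRC-7": 0b10001001,        # x^7 + x^3 + 1
    "CRC-12": 0b1100000001111,  # x^12 + x^11 + x^3 + x^2 + x + 1
}

def crc(data: bytes, poly: int) -> int:
    """Remainder of data(x) * x^n modulo poly(x) over GF(2).
    Assumed convention: MSB-first bits, zero initial value, no final XOR."""
    n = poly.bit_length() - 1
    mask = (1 << n) - 1
    reg = 0
    for byte in data:
        for i in range(7, -1, -1):
            feedback = ((reg >> (n - 1)) & 1) ^ ((byte >> i) & 1)
            reg = (reg << 1) & mask
            if feedback:
                reg ^= poly & mask
    return reg

def byte_sum(data: bytes) -> int:
    """Plain additive checksum: sum of the bytes modulo 256."""
    return sum(data) % 256

def parity(data: bytes) -> int:
    """Number of 1 bits modulo 2."""
    return sum(bin(b).count("1") for b in data) % 2

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample messages of equal length.
ORIGINAL = b"pay alice 100 and bob 900"
REORDERED = b"pay bob 100 and alice 900"
CHANGED = b"pay alice 900 and bob 900"

def linear(poly: int) -> bool:
    """CRC(a XOR b) == CRC(a) XOR CRC(b). No secret is involved, so whoever
    changes the data can also work out the CRC that matches the change."""
    delta = xor_bytes(ORIGINAL, CHANGED)
    return crc(CHANGED, poly) == crc(ORIGINAL, poly) ^ crc(delta, poly)

if __name__ == "__main__":
    print("byte sum unchanged by reordering:", byte_sum(ORIGINAL) == byte_sum(REORDERED))
    for name, poly in POLYS.items():
        print(name, hex(crc(ORIGINAL, poly)), "linear:", linear(poly))
```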
5
Cryptographic Hash Function
- Should not be able to predict the hash value of a message
- Two messages should not have the same hash value
- Any change should result in a different hash value
6
Message Digest 2
- Created by Ronald Rivest in 1989
- 128 bit hash value
- Is still used for public key encryption and digital signatures
- Done at MIT
7
MD4
- Developed by Rivest to address the problems with MD2
- Created in 1990
- 128 bit hash
- 32 digit hexadecimal
- First a message is padded to be 64 bits shy of a multiple of 512 bits
8
How MD4 works
- A 64 bit data stream which contains the length of the original message is now appended to the padded message
- A four word (32 bits each) buffer is used to generate the message digest
- Process each 16 word block of the message
- Output the MD
http://www.faqs.org/rfcs/rfc1320.html
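Added example, not part of the original slides: the MD4 steps above (pad, append the 64 bit length, process 16 word blocks through a four word buffer, output the digest) written out in Python following RFC 1320. The function and variable names are choices made for this illustration.

```python
import struct

def rotl(x: int, s: int) -> int:
    """Rotate a 32-bit word left by s places."""
    return ((x << s) | (x >> (32 - s))) & 0xFFFFFFFF

def md4_pad(message: bytes) -> bytes:
    """Pad to 64 bits shy of a multiple of 512 bits, then append the
    original length in bits as a 64-bit little-endian value."""
    zeros = (55 - len(message)) % 64
    length = struct.pack("<Q", (8 * len(message)) % 2**64)
    return message + b"\x80" + b"\x00" * zeros + length

# One entry per round: nonlinear function, additive constant,
# the four shift amounts, and the order in which message words are used.
ROUNDS = [
    (lambda x, y, z: (x & y) | (~x & z), 0x00000000, (3, 7, 11, 19),
     list(range(16))),
    (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999, (3, 5, 9, 13),
     [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]),
    (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1, (3, 9, 11, 15),
     [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]),
]

def md4(message: bytes) -> str:
    """Return the 128-bit MD4 digest as 32 hexadecimal digits."""
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]  # four-word buffer
    padded = md4_pad(message)
    for off in range(0, len(padded), 64):          # one 16-word block at a time
        X = struct.unpack("<16I", padded[off:off + 64])
        a, b, c, d = state
        for f, const, shifts, order in ROUNDS:
            for i, k in enumerate(order):
                t = (a + f(b, c, d) + X[k] + const) & 0xFFFFFFFF
                # The updated word moves to position b; the others rotate.
                a, b, c, d = d, rotl(t, shifts[i % 4]), b, c
        state = [(s + v) & 0xFFFFFFFF for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state).hex()

if __name__ == "__main__":
    print(md4(b"abc"))
```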
9
MD5
- Developed in 1991 to address weaknesses in MD4
- 128 bit cryptographic hash
- Very similar to MD4, but with some changes
- Still reliable for data integrity, but not for malicious attacks
10
One MD5 operation
MD5 consists of 64 of these operations, grouped in four rounds of 16 operations. F is a nonlinear function; one function is used in each round. M_i denotes a 32-bit block of the message input, and K_i denotes a 32-bit constant, different for each operation.
http://en.wikipedia.org/wiki/MD5
11
Collisions with MD5
- In August 2004, collisions for the full MD5 were announced by Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu.
- Their analytical attack was reported to take only one hour on an IBM p690 cluster. (Up to 1TB of ECC Chipkill system memory)
12
SHA Group
- SHA-0 developed in 1993
- Secure Hash Algorithm
- Pushed by the NSA
- Problems arose, replaced by SHA-1
- 160 bit digest
- SHA-0 had near collisions with 142 of the 160 bits being equal
13
One iteration within the SHA-1 compression function
A, B, C, D and E are 32-bit words of the state; F is a nonlinear function that varies; <<< denotes a left bit rotation by s places; s varies for each operation. The red square denotes addition modulo 2^32. K_t is a constant.
14
Collisions with SHA-1
- In February 2005, an attack by Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu was announced.
- The attacks can find collisions in the full version of SHA-1, requiring fewer than 2^69 operations
http://en.wikipedia.org/wiki/SHA_hash_functions
15
What’s Next?
- Stronger hashes
- SHA-256, SHA-384, SHA-512
- Does it affect you?
- Maybe…
16
As an Expert Witness
- Feel free to tell what you use hashes for
- Do not attempt to describe them, simply say "I am not a mathematician"
- Do say "it is approved by my agency and by the NSA or NIST"