Published by Peregrine Newman. Modified over 9 years ago.
1
Hashing Algorithms: Basic Concepts and SHA-2
CSCI 5857: Encoding and Encryption
2
Outline
Compression functions and iterated hashes
Creating a hash function from a block cipher
Secure Hash Algorithm-2 (SHA-2)
–Overall structure
–Message expansion into round keys
–Initial digest creation
–Individual round structure
  Rotation function
  Majority function
  Conditional function
3
Goals of Hashing Functions
Hashing function must be “one way”
Easy to compute y = h(M)
Following must be computationally infeasible:
–Given message M, find M´ such that h(M) = h(M´) (not vulnerable to preimage attack)
–Finding any M_1 and M_2 such that h(M_1) = h(M_2) (not vulnerable to collision attack)
4
Compression Functions
What is a hash algorithm?
Function that compresses message of arbitrary length to m-bit digest
Problem: Difficult to assure collision resistance for arbitrary compression function f
[Figure: message of arbitrary size → m-bit digest]
5
Compression Functions
Easier to create function that compresses block of fixed size k > m
Break message into blocks of fixed size
Apply compression function to each in some way
[Figure: k-bit message → f → m-bit digest]
6
Iterated Hash Function
Merkle-Damgard scheme
7
Iterated Hash Function
Compression function of form h(M_i, H_{i-1})
–M_i = i-th message block
–H_{i-1} = previous message digest
–H_0 = initial vector known to sender, recipient
If f is collision resistant, so is entire algorithm
[Figure: f takes n-bit message block M_i and m-bit digest H_{i-1}, outputs m-bit digest H_i]
8
Types of Hash Algorithms
Based on block ciphers
–Rebuild existing cipher into compression function
–Already has desirable properties of cryptographic hash
  Confusion, diffusion
–Example: Whirlpool
“Made from scratch”
–Specifically designed for hashing
–Often no clear structure for maximum confusion
–Examples:
  Message Digest (MD) by Ron Rivest (obsolete)
  Secure Hash Algorithm (SHA-2, SHA-3)
9
Block Ciphers for Hashing
Rabin scheme
–“Plaintext” = output of previous stage
–“Key” = current message block
Potential vulnerability:
–Since encryption is reversible, could use meet-in-the-middle attack
–Work backwards from final message digest to find another M with same digest
10
Block Ciphers for Hashing
Miyaguchi-Preneel scheme (used by Whirlpool)
–Output of each stage based on XOR of:
  Output of encryption function
  Output of previous stage
  Current message
–Prevents “meet in middle” attacks
  Cannot work backwards through encryption functions without knowing input to previous stage
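The two constructions side by side, as an added Python example that is not from the original slides. The 32-bit Feistel cipher is a toy constructed only for this illustration (not a real cipher), and all function names and sample values are this example's own. It shows why the feed-forward XOR matters: a Rabin stage can be run backwards by decrypting with the message block as key, while a Miyaguchi-Preneel stage is keyed by the previous digest, which is the value being sought.

```python
M16, M32 = 0xFFFF, 0xFFFFFFFF

def round_f(half, key, rnd):
    # Toy round function, constructed for this example only
    x = (half * 0x9E37 + key + rnd * 0x7F4A) & M32
    return ((x >> 7) ^ x) & M16

def encrypt(key, block, rounds=8):        # 32-bit Feistel network
    l, r = block >> 16, block & M16
    for i in range(rounds):
        l, r = r, l ^ round_f(r, key, i)
    return (l << 16) | r

def decrypt(key, block, rounds=8):        # same rounds in reverse order
    l, r = block >> 16, block & M16
    for i in reversed(range(rounds)):
        l, r = r ^ round_f(l, key, i), l
    return (l << 16) | r

def rabin_step(h_prev, m):
    # "Plaintext" = previous digest, "key" = current message block
    return encrypt(m, h_prev)

def rabin_step_back(h_i, m):
    # Encryption is reversible: given H_i and a chosen M_i, H_{i-1} falls out
    return decrypt(m, h_i)

def mp_step(h_prev, m):
    # Miyaguchi-Preneel: E keyed by previous digest, then XOR feed-forward
    return encrypt(h_prev, m) ^ h_prev ^ m

def iterate(step, iv, blocks):
    h = iv
    for m in blocks:
        h = step(h, m)
    return h

IV32 = 0x6A09E667                         # constructed sample values
BLOCKS = [0x48415348, 0x494E4721]
```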
11
SHA-2
Background:
–Based on Merkle-Damgard scheme, Rivest MD5
Ideas:
–Large number of rounds (80) for maximum confusion
–Heavy use of non-invertible functions
  Combinations of rotation and XOR
  Condition and majority functions
–Appearance of “randomness” in initial vector
Designed for efficiency
–All operations are very fast in hardware
12
SHA-2
512-bit message digest (secure against brute force attack)
–Block size: 1024 bits
–Digest broken down into 64-bit “words” called A – H
13
SHA-2 Initial Digest
Initial values of message digest H_0
Designed for appearance of “randomness”
–Created from first 8 primes (2, 3, 5, 7, 11, 13, 17, 19)
–Take square root
–Take first 64 digits of fractional part
A  6A09E667F3BCC908
B  BB67AE8584CAA73B
C  3C6EF372EF94F828
D  A54FE53A5F1D36F1
E  510E527FADE682D1
F  9B05688C2B3E6C1F
G  1F83D9ABFB41BD6B
H  5BE0CD19137E2179
14
SHA-2 Compression Function
80 rounds
–Each creates new “intermediate” message digest
Each round uses “round word” w_i created from the message block
Final stage is sum (mod 2^64) of:
–Initial round digest
–Final round digest
15
Word Expansion in SHA-2
Block of 16 words expanded to 80 words
–Used by 80-round compression function
16
SHA-2 RotShift Function
Confusion added with rotation and shifting
Three different rotations/shifts with results XORed together
Not invertible
RotShift i-j-k: XOR of
–Right rotation i bits
–Right rotation j bits
–Left shift k bits (adding 0’s to end)
17
SHA-2 Round Function
Each round i function of:
–Previous message digest
–Word W_i
–Round “key” K_i created from fractional parts of square root of first 80 prime numbers (like initial message digest values)
–Ensures different values each round
18
SHA-2 Round Structure
Blocks A – C and E – G shifted over one
–No real effect, other than to make sure every block affected by more complex operations
19
SHA-2 Round Structure
New blocks A and E created as function of:
–All previous blocks A – G
–Round word W_i and round key K_i using addition mod 2^64
20
SHA-2 Rotation Function
Rotate 64-bit block by i, j, and k bits
Combine with XOR to mix up bits
A rotated by 28, 34, and 39 bits
E rotated by 14, 18, and 41 bits
Rot i-j-k: XOR of
–Right rotation i bits
–Right rotation j bits
–Right rotation k bits
21
SHA-2 Majority Function
Majority function of (A, B, C):
–i-th bit of result = 1 if at least 2 of i-th bits of A, B, C = 1, 0 otherwise
–Example:
  A        = 11001010
  B        = 01101001
  C        = 10011101
  majority = 11001001
–Idea: No way to reconstruct A, B, C from majority
22
SHA-2 Conditional Function
Conditional function of (E, F, G):
–i-th bit of result = i-th bit of F if i-th bit of E = 1
                    = i-th bit of G otherwise
–Like “If E then F else G”
–Example:
  E           = 11001010
  F           = 01101001
  G           = 10011101
  Conditional = 01011101
–Idea: No way to reconstruct E, F, G from conditional
23
Addition Mod 2^64
Binary addition
–Not same as XOR
Example:
    110000…00101
  + 100000…01101
   1010000…10010 = 010000…10010