Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.

Published byJoella Parks Modified over 8 years ago

Similar presentations

Presentation on theme: "Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC."— Presentation transcript:

1 Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC

2 Hash Functions ●Compute message digest of data of any size ●Fixed length output: 128-512 bits ●Easy to compute H(m) ●Given H(m), no easy way to find m ●One-way function ●Given m 1, it is computationally infeasible to find m 2 ≠m 1 s.t. H(m 2 ) = H(m 1 ) ●Weak collision resistant ●Computationally infeasible to find m 1 ≠m 2 s.t. H(m 1 ) = H(m 2 ) ●Strong collision resistant

3 Hash Functions ●Compute message digest of data of any size ●Fixed length output: 128-512 bits ●Easy to compute H(m) ●Given H(m), no easy way to find m ●One-way function ●Given m 1, it is computationally infeasible to find m 2 ≠m 1 s.t. H(m 2 ) = H(m 1 ) ●Weak collision resistant ●Computationally infeasible to find m 1 ≠m 2 s.t. H(m 1 ) = H(m 2 ) ●Strong collision resistant Requirements for a practical application of a hash function

4 Hash Functions ●Compute message digest of data of any size ●Fixed length output: 128-512 bits ●Easy to compute H(m) ●Given H(m), no easy way to find m ●One-way function ●Given m 1, it is computationally infeasible to find m 2 ≠m 1 s.t. H(m 2 ) = H(m 1 ) ●Weak collision resistant ●Computationally infeasible to find m 1 ≠m 2 s.t. H(m 1 ) = H(m 2 ) ●Strong collision resistant The one way property

5 Hash Functions ●Compute message digest of data of any size ●Fixed length output: 128-512 bits ●Easy to compute H(m) ●Given H(m), no easy way to find m ●One-way function ●Given m 1, it is computationally infeasible to find m 2 ≠m 1 s.t. H(m 2 ) = H(m 1 ) ●Weak collision resistant ●Computationally infeasible to find m 1 ≠m 2 s.t. H(m 1 ) = H(m 2 ) ●Strong collision resistant Hash functions are unique to each message

6 Hash Functions

7 ●Compute message digest of data of any size ●Fixed length output: 128-512 bits ●Easy to compute H(m) ●Given H(m), no easy way to find m ●One-way function ●Given m 1, it is computationally infeasible to find m 2 ≠m 1 s.t. H(m 2 ) = H(m 1 ) ●Weak collision resistant ●Computationally infeasible to find m 1 ≠m 2 s.t. H(m 1 ) = H(m 2 ) ●Strong collision resistant

8 Hash Functions

9 Hash Function Weaknesses The Birthday Paradox Pigeonhole Principle

10 Hash Function Weaknesses n = number of pigeons m = number of holes n = m There is one pigeon per hole n > m Then at least one hole must have more than one pigeon Pigeonhole Principle

11 Hash Function Weaknesses The Birthday Paradox How many people do you need in a room before you have a greater than 50% chance that two of them will have the same birthday? Assume 365 birthdays (our containers) % chance that two people in the room have the same birthday: 100% requires 366 people (the pigeonhole principle)

12 Hash Function Weaknesses ●Compute probability of different birthdays ●Random sample of n people (birthdays) taken from k (365) days ●k n samples with replacement ●(k) n =k(k-1)…(k-n+1) sample without replacement ●Probability of repetition: ●p = 1- (k) n /k n ≈ n(n-1)/2k = 0.5 if n=√k The Birthday Paradox

13 Hash Function Weaknesses 1-(k) n /k n = the probability that a pair share the same birthday If k = 365, n = 19 If there are 19 people in a room, there is a good chance that two of them share the same birthday! The Birthday Paradox

14 Hash Function Weaknesses Hash Functions: ●There are many more ‘pigeons’ than ‘pigeonholes’ ●Many inputs will be mapped to the same output. That is, many input messages will have the same hash. Conclusion: The longer the length of the hash, the fewer collisions.

15 Determining Hash Length

16 Hash Size Quiz If the length of hash is 128 bits, then how many messages does an attack need to search in order to find two that share the same hash? 2 64 2 127 2 128 128 Choose the correct answer:

17 Secure Hash Algorithm ●Developed by NIST, specified in the Secure Hash Standard, originally 1993 ●Revised as SHA-1 in 1995 ●160 bit hash ●NIST specified SHA2 algorithms in 2002 ●Hash value lengths of 256, 384, and 512 ●Similar to SHA-1

18 Comparison of SHA Parameters

19 Message Processing

20

21 Hash Based Message Authentication ●Cryptographic hash functions generally execute faster ●Library code is widely available ●SHA-1 was not designed for use as a MAC because it does not rely on a secret key ●Issued as RFC2014 ●Has been chosen as the mandatory-to-implement MAC for IP security ●Used in other Internet protocols such as Transport Layer Security (TLS)

22 Hash Based Message Authentication

23 HMAC Security ●Security depends on the cryptographic strength of the underlying hash function ● It’s much harder to launch successful collision attacks on HMAC because of secret key

24 Hash Function Quiz Check the statements that are True: The one-way hash function is important not only in message authentication but also in digital signatures SHA processes the input one block at a time but each block goes through the same processing HMAC is secure provided that the embedded hash function has good cryptographic strengths such as one- way and collision resistant

25 Hashes Lesson Summary ●Hash length should be at least 128 ●2^(64) message to find collision ●SHA1: 160-bit hash; SHA2: 256/384/512-bit hash ●Message processed/hashed block by block, result to next ●HMAC: hash the message with a secret key ●Message authentication

Download ppt "Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC."

Similar presentations

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Outline Project 1 Hash functions and its application on security Modern cryptographic hash functions and message digest –MD5 –SHA.

Outline Project 1 Hash functions and its application on security Modern cryptographic hash functions and message digest –MD5 –SHA.
Information Security Principles & Applications Topic 4: Message Authentication 虞慧群

Information Security Principles & Applications Topic 4: Message Authentication 虞慧群
PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.

PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel:03-5742968, Fax : 886-3-572-3694.

1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.

Hash functions a hash function produces a fingerprint of some file/message/data h = H(M)  condenses a variable-length message M  to a fixed-sized fingerprint.
Announcements:Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions and SHA-1 Hash Functions.

Announcements:Questions? This week: Discrete Logs, Diffie-Hellman, ElGamal Discrete Logs, Diffie-Hellman, ElGamal Hash Functions and SHA-1 Hash Functions.
Hashes and Message Digest Hash is also called message digest One-way function: d=h(m) but no h’(d)=m –Cannot find the message given a digest Cannot find.

Hashes and Message Digest Hash is also called message digest One-way function: d=h(m) but no h’(d)=m –Cannot find the message given a digest Cannot find.
Cryptography and Network Security Hash Algorithms.

Cryptography and Network Security Hash Algorithms.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.

Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
1 Pertemuan 09 Hash and Message Digest Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 09 Hash and Message Digest Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
1 Cryptography and Network Security (Various Hash Algorithms) Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Changed by Somesh Jha)

1 Cryptography and Network Security (Various Hash Algorithms) Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Changed by Somesh Jha)
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.

1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google