














An overview of hash and message authentication code (MAC) algorithms, focusing on SHA-512 and Whirlpool. Topics covered include the structure and function of hash algorithms, the use of hash functions as MACs, and the comparison of SHA-512 and Whirlpool. The document also discusses the security and performance considerations of these algorithms.
Typology: Slides















Each of the messages, like each one he had ever read of Stern's commands, began with a number and ended with a number or row of numbers. No efforts on the part of Mungo or any of his experts had been able to break Stern's code, nor was there any clue as to what the preliminary number and those ultimate numbers signified. — Talking to Strange Men, Ruth Rendell
SHA originally designed by NIST & NSA in 1993
was revised in 1995 as SHA-
US standard for use with DSA signature scheme
standard is FIPS 180-1 1995, also Internet RFC
nb. the algorithm is SHA, the standard is SHS
based on design of MD4 with key differences
produces 160-bit hash values
recent 2005 results on security of SHA-1 have raised concerns on its use in future applications
updating a 512-bit buffer using a 64-bit value Wt derived from the current message block and a round constant based on cube root of first 80 prime numbers
input is mapped row wise
has 10 rounds
a different primitive polynomial for GF(2^8)
uses different S-box design & values
Keyed Hash Functions as MACs
because hash functions are generally faster
code for crypto hash functions widely available
KeyedHash = Hash(Key|Message)
some weaknesses were found with this
specified as Internet standard RFC
uses hash function on the message:
HMAC_K = Hash[(K+ XOR opad) || Hash[(K+ XOR ipad) || M]]
where K+ is the key padded out to size
and opad, ipad are specified padding constants
overhead is just 3 more hash calculations than the message needs alone
any hash function can be used
eg. MD5, SHA-1, RIPEMD-160, Whirlpool
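The HMAC formula above, written out step by step over SHA-512 and SHA-1 and checked against Python's standard `hmac` module. This is an added example, not part of the original slides; the ipad/opad byte values 0x36 and 0x5C come from the HMAC specification, and the function names and sample inputs are constructed for illustration.

```python
import hashlib
import hmac

IPAD = 0x36  # inner padding byte defined by the HMAC specification
OPAD = 0x5C  # outer padding byte defined by the HMAC specification


def hmac_manual(key: bytes, message: bytes, hash_name: str = "sha512") -> bytes:
    """HMAC_K = Hash[(K+ XOR opad) || Hash[(K+ XOR ipad) || M]]."""
    # Block size of the underlying hash: 128 bytes for SHA-512, 64 for SHA-1.
    block_size = hashlib.new(hash_name).block_size
    # Build K+: a key longer than one block is hashed first, then the
    # result is zero-padded on the right to exactly one block.
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    k_plus = key.ljust(block_size, b"\x00")
    inner_key = bytes(b ^ IPAD for b in k_plus)
    outer_key = bytes(b ^ OPAD for b in k_plus)
    # Inner hash covers the message; outer hash covers only the inner digest.
    inner = hashlib.new(hash_name, inner_key + message).digest()
    return hashlib.new(hash_name, outer_key + inner).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes,
               hash_name: str = "sha512") -> bool:
    """Recompute the tag and compare in constant time."""
    expected = hmac_manual(key, message, hash_name)
    return hmac.compare_digest(expected, tag)


def self_check() -> bool:
    """Compare the hand-written construction with the standard library."""
    # Constructed sample inputs: short key, empty key, key longer than a block.
    cases = [
        (b"k" * 16, b"sample message"),
        (b"", b""),
        (b"K" * 200, b"key longer than one hash block"),
    ]
    for hash_name in ("sha1", "sha512"):
        for key, msg in cases:
            reference = hmac.new(key, msg, hash_name).digest()
            if hmac_manual(key, msg, hash_name) != reference:
                return False
    return True


if __name__ == "__main__":
    print("matches stdlib hmac:", self_check())
```

The receiver should check tags with a constant-time comparison such as `hmac.compare_digest`, as `verify_tag` does, rather than `==`.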
brute force attack on key used
birthday attack (but since keyed would need to observe a very large number of messages)