Cryptography & Network Security: Authentication & Hash Functions - MA61027 by S. Mukhopadh, Study Guides, Projects, Research of Computer Systems Networking and Telecommunications

An excerpt from the 'Cryptography and Network Security' course taught by Sourav Mukhopadhyay at IIT-KGP in 2010. It covers the concepts of message authentication, hash functions, and their uses in securing data transmissions, including the importance of message authentication, the role of hash functions in producing a 'fingerprint' of a message, and the properties required for practical application. It also introduces the Secure Hash Algorithm (SHA) and its processing of a single 512-bit block.

Typology: Study Guides, Projects, Research

2017/2018

Uploaded on 12/23/2018

sangeetha-rec
Lecture Note 7
AUTHENTICATION REQUIREMENTS
Sourav Mukhopadhyay
Cryptography and Network Security - MA61027


  • In the context of communications across a network, the following attacks can be identified:
  1. Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key.
  2. Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages between parties could be determined.

sequence of messages between parties, including insertion, deletion, and reordering.

  1. Timing modification: Delay or replay of messages. In a connection-orientated application, an entire session or sequence of messages could be a replay of some previous valid session, or individual messages in the sequence could be delayed or replayed.
  2. Repudiation: Denial of receipt of message by destination or denial of transmission of message by source.
  • Message authentication is a procedure to verify that received messages come from the alleged source and have not been altered.
  • Message authentication may also verify sequencing and timeliness.
  • A digital signature is an authentication technique that also includes measures to counter repudiation by either source or destination.
  • Any message authentication or digital signature mechanism can be viewed as having fundamentally two levels.
  1. Message Authentication Code (MAC): A public function of the message and a secret key that produces a fixed length value that serves as the authenticator.
  2. Hash Functions: A public function that maps a message of any length into a fixed length hash value, which serves as the authenticator.
  • We will mainly be concerned with the last class of function; however, it must be noted that hash functions and MACs are very similar, except that a hash code doesn’t require a secret key.
  • With regard to the first class, this can be seen to provide authentication by virtue of the fact that only the sender and receiver know the key.
  • Therefore the message could only have come from the sender.
  • However, there is also the problem that the plaintext message should be recognisable as a plaintext message (for example, if it were some sort of digitised X-ray, it might not be).
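The difference between an unkeyed hash and a MAC, and the point that authentication may also verify sequencing, shown as an added example that is not part of the lecture notes. HMAC-SHA256 stands in for the MAC, and the key, messages, and the `Receiver` class are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret (assumption)

def hash_tag(message: bytes) -> bytes:
    """Unkeyed hash: anyone who can read the message can recompute it."""
    return hashlib.sha256(message).digest()

def verify_hash(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hash_tag(message), tag)

def mac_tag(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC over (sequence number || message); HMAC-SHA256 stands in for the MAC."""
    return hmac.new(key, struct.pack(">Q", seq) + message, hashlib.sha256).digest()

class Receiver:
    """Accepts a message only if its MAC verifies and its sequence number is next."""
    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def accept(self, seq: int, message: bytes, tag: bytes) -> str:
        if not hmac.compare_digest(mac_tag(self.key, seq, message), tag):
            return "rejected: bad MAC"
        if seq != self.next_seq:
            return "rejected: replayed or out of order"
        self.next_seq += 1
        return "accepted"

def demo() -> dict:
    msg, altered = b"pay 10 to Bob", b"pay 9999 to Eve"  # constructed messages
    out = {}
    # Unkeyed hash: a party on the path replaces the message and recomputes the tag.
    out["unkeyed_forgery_accepted"] = verify_hash(altered, hash_tag(altered))
    rx = Receiver(KEY)
    tag0 = mac_tag(KEY, 0, msg)
    out["genuine"] = rx.accept(0, msg, tag0)
    # Without KEY the best available tag is computed under a guessed key.
    out["altered"] = rx.accept(1, altered, mac_tag(b"guessed-key", 1, altered))
    # Replaying the valid (seq, msg, tag) triple passes the MAC but not the sequence check.
    out["replay"] = rx.accept(0, msg, tag0)
    return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```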

Figure 1: Basic uses of the hash function.

Figure 2: Basic uses of the hash function (cont.).

  • The purpose of a hash function is to produce a “fingerprint” of a file, message, or other block of data.
  • To be useful for message authentication, a hash function H must have the following properties:
  1. H can be applied to a block of data of any size.
  2. H produces a fixed-length output.
  3. H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical.
  4. For any given code h, it is computationally infeasible to find x such that H(x) = h.
  5. For any given block x, it is computationally infeasible to find y ≠ x with H(y) = H(x) (sometimes referred to as weak collision property).
  6. It is computationally infeasible to find any pair (x, y) such that H(x) = H(y) (sometimes referred to as strong collision property).
  • If the attacker can observe or intercept a transmission, the attacker obtains the message M and the hash code C = H(S_AB || M).
  • The attacker then inverts the hash function to obtain S_AB || M = H^{-1}(C).
  • Because the attacker now has both M and S_AB || M, it is a trivial matter to recover S_AB.
  • The fifth property guarantees that an alternative message hashing to the same value as a given message cannot be found.
  • This prevents forgery when an encrypted hash code is used (see figures 1b and c).
  • For these cases, the opponent can read the message and therefore generate its hash code. But, because the opponent does not have the secret key, the opponent should not be able to alter the message without detection.
  • If this property were not true, an attacker would be capable of the following sequence: 1. Observe or intercept a message plus its encrypted hash code.
  • A hash function that satisfies the first five properties in the preceding list is referred to as a weak hash function.
  • If the sixth property is also satisfied, then it is referred to as a strong hash function.
  • The sixth property protects against a sophisticated class of attack known as the birthday attack which we will be looking at later in the notes.
  • Figure 3 shows the general structure of a secure hash code.
  • In the next section we are going to study a specific algorithm (SHA-1) which will be seen to have this format.
  • Notice this has a similar structure to the CBC mode used for symmetric algorithms.
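The gap between the fifth (weak collision) and sixth (strong collision) properties can be measured on a deliberately short hash. This is an added example, not part of the lecture notes: `toy_hash` (SHA-256 truncated to 16 bits) and the message strings are assumptions chosen so that both searches finish quickly.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest length (assumption); real hashes use 160 bits or more

def toy_hash(data: bytes, bits: int = BITS) -> int:
    """First `bits` bits of SHA-256, standing in for a short-output hash H."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def find_second_preimage(x: bytes, bits: int = BITS):
    """Property 5: given a fixed x, search for y != x with H(y) = H(x).

    Each candidate matches with probability 2**-bits, so about 2**bits trials.
    """
    target = toy_hash(x, bits)
    for trials in count(1):
        y = b"msg-%d" % trials
        if y != x and toy_hash(y, bits) == target:
            return y, trials

def find_collision(bits: int = BITS):
    """Property 6: search for any pair x != y with H(x) = H(y).

    Every new value is compared with all earlier ones (birthday effect),
    so about 2**(bits/2) trials are enough.
    """
    seen = {}
    for trials in count(1):
        x = b"msg-%d" % trials
        h = toy_hash(x, bits)
        if h in seen:
            return seen[h], x, trials
        seen[h] = x

if __name__ == "__main__":
    fixed = b"transfer 100 to Bob"  # constructed sample message
    y, t_weak = find_second_preimage(fixed)
    a, b, t_strong = find_collision()
    print(f"second preimage of fixed message: {y!r} after {t_weak} trials")
    print(f"free collision: {a!r} / {b!r} after {t_strong} trials")
    print(f"reference points: 2^{BITS} = {2**BITS}, 2^{BITS // 2} = {2**(BITS // 2)}")
```

The same square-root gap is why a hash must have an output roughly twice as long as the work factor it is meant to withstand against collision search.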