Cryptography: Understanding Hash Functions and Their Role in Security, Slides of Computer Science

An introduction to hash functions in the context of cryptography. It explains the motivation behind using hash functions for message signing and verification, and discusses the properties required for a secure hash function. The document also covers various non-crypto hash functions and their vulnerabilities, as well as popular crypto hashes like md5 and sha-1.

Typology: Slides

2012/2013

Uploaded on 03/22/2013

dhimant
dhimant 🇮🇳

4.3

(8)

128 documents

1 / 20

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Part 1 Cryptography 1
Hash Functions
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14

Partial preview of the text

Download Cryptography: Understanding Hash Functions and Their Role in Security and more Slides Computer Science in PDF only on Docsity!

Part 1  Cryptography 1

Hash Functions

Part 1  Cryptography 2

Hash Function Motivation

 Suppose Alice signs M

o Alice sends M and S = [M]

Alice

to Bob

o Bob verifies that M = {S}

Alice

o Is it OK to just send S?

 If M is big, [M]

Alice

is costly to compute

 Suppose instead, Alice signs h(M), where

h(M) is much smaller than M

o Alice sends M and S = [h(M)]

Alice

to Bob

o Bob verifies that h(M) = {S}

Alice

Part 1  Cryptography 4

Pre-Birthday Problem

 Suppose N people in a room

 How large must N be before the

probability someone has same

birthday as me is  1/

o Solve: 1/2 = 1  (364/365)

N

for N

o Find N = 253

Part 1  Cryptography 5

Birthday Problem

 How many people must be in a room before

probability is  1/2 that two or more have

same birthday?

o 1  365/365  364/365   (365N+1)/

o Set equal to 1/2 and solve: N = 23

Part 1  Cryptography 7

Non-crypto Hash (1)

 Data X = (X

0

,X

1

,X

2

,…,X

n-

), each X

i

is a byte

 Spse hash(X) = X

0

+X

1

+X

2

+…+X

n-

 Is this secure?

 Example: X = (10101010,00001111)

 Hash is 10111001

 But so is hash of Y = (00001111,10101010)

 Easy to find collisions, so not secure…

Part 1  Cryptography 8

Non-crypto Hash (2)

 Data X = (X

0

,X

1

,X

2

,…,X

n-

 Suppose hash is

o h(X) = nX

0

+(n-1)X

1

+(n-2)X

2

+…+1X

n-

 Is this hash secure?

 At least

o h(10101010,00001111)h(00001111,10101010)

 But hash of (00000001,00001111) is same

as hash of (00000000,00010001)

 Not one-way, but this hash is used in the

(non-crypto) application rsync

Part 1  Cryptography 10

Popular Crypto Hashes

 MD5  invented by Rivest

o 128 bit output

o Note: MD5 collision recently found

 SHA-1  A US government standard

(similar to MD5)

o 160 bit output

 Many others hashes, but MD5 and SHA-

most widely used

 Hashes work by hashing message in blocks

Part 1  Cryptography 11

Crypto Hash Design

 Desired property: avalanche effect

o Change to 1 bit of input should affect about

half of output bits

 Crypto hash functions consist of some

number of rounds

 Want security and speed

o Avalanche effect after few rounds

o But simple rounds

 Analogous to design of block ciphers

Part 1  Cryptography 13

Hash Uses

 Authentication (HMAC)

 Message integrity (HMAC)

 Message fingerprint

 Data corruption detection

 Digital signature efficiency

 Anything you can do with symmetric crypto

Part 1  Cryptography 14

Online Auction

 Suppose Alice, Bob and Charlie are bidders

 Alice plans to bid A, Bob B and Charlie C

 They don’t trust that bids will stay secret

 Solution?

o Alice, Bob, Charlie submit hashes h(A), h(B), h(C)

o All hashes received and posted online

o Then bids A, B and C revealed

 Hashes don’t reveal bids (one way)

 Can’t change bid after hash sent (collision)

Part 1  Cryptography 16

Shamir’s Secret Sharing

(X

0

,Y

0

(X )

1

,Y

1

)

(0,S)

 Two points determine a line

 Give (X

0

,Y

0

) to Alice

 Give (X

1

,Y

1

) to Bob

 Then Alice and Bob must

cooperate to find secret S

 Also works in discrete case

 Easy to make “m out of n”

scheme for any m  n X

Y

2 out of 2

Part 1  Cryptography 17

Shamir’s Secret Sharing

(X

0

,Y

0

)

(X

1

,Y

1

)

(0,S)

 Give (X

0

,Y

0

) to Alice

 Give (X

1

,Y

1

) to Bob

 Give (X

2

,Y

2

) to Charlie

 Then any two of Alice, Bob

and Charlie can cooperate to

find secret S

 But no one can find secret S

 A “2 out of 3” scheme X

Y

(X

2

,Y

2

)

2 out of 3

Part 1  Cryptography 19

Secret Sharing Example

 Key escrow  required that your key be

stored somewhere

 Key can be used with court order

 But you don’t trust FBI to store keys

 We can use secret sharing

o Say, three different government agencies

o Two must cooperate to recover the key

Part 1  Cryptography 20

Secret Sharing Example

(X

0

,Y

0

)

(X

1

,Y

1

)

(0,K)

 Your symmetric key is K

 Point (X

0

,Y

0

) to FBI

 Point (X

1

,Y

1

) to DoJ

 Point (X

2

,Y

2

) to DoC

 To recover your key K,

two of the three agencies

must cooperate

 No one agency can get K

X

Y

(X

2

,Y

2

)