Chapter 12
Cryptographic Hash Functions
Hash Function
The hash value represents concisely the longer message
It may be called the message digest
A message digest acts as a "digital fingerprint" of the original document
Condenses an arbitrary message to a fixed size
h = H(M)
Hashing vs. Encryption
[Figure: encryption (E) under key k turns the plaintext "Hello, world. A sample sentence to show encryption." into unreadable ciphertext; decryption (D) under key k recovers the plaintext]
Encryption is two way, and requires a key to encrypt/decrypt
[Figure: the clear text "This is a clear text that can easily read without using the key. The sentence is longer than the text above." is hashed to 52f21cf7c7034a20 17a21e17e061a863]
Hashing is one-way. There is no 'de-hashing'
Hash Function Applications
Used Alone
Fingerprint -- file integrity verification, public key
fingerprint
Password storage (one-way encryption)
Combined with encryption functions
Hash based Message Authentication Code (HMAC)
protects both a message's integrity and confidentiality
Digital signature
Ensuring Non-repudiation
Encrypt hash with private (signing) key and verify with public
(verification) key
Hash Functions Family
MD (Message Digest)
Designed by Ron Rivest
Family: MD2, MD4, MD5
SHA (Secure Hash Algorithm)
Designed by NIST
Family: SHA-0, SHA-1, and SHA-2
SHA-2: SHA-224, SHA-256, SHA-384, SHA-512
SHA-3: New standard in competition
RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
Developed by the Katholieke Universiteit Leuven team
Family: RIPEMD-128, RIPEMD-160, RIPEMD-256, RIPEMD-320
MD2, MD4 and MD5
Family of one-way hash functions by Ronald Rivest
All produce a 128-bit hash value
MD2: 1989
Optimized for 8-bit computers
Collision found in 1995
MD4: 1990
Full round collision attack found in 1995
MD5: 1992
Specified as Internet standard in RFC 1321
Since 1997 it was theoretically not so hard to create a collision
Practical collision: MD5 has been broken since 2004
CA attack published in 2007
12-2 SHA-512
• SHA-512 is the version of SHA with a 512-bit message
digest. This version, like the others in the SHA family of
algorithms, is based on the Merkle-Damgard scheme.
• Developed by NIST, specified in the Secure Hash Standard (SHS,
FIPS Pub 180), 1993
Topics discussed in this section:
12.2.1 Introduction
12.2.2 Compression Function
12.2.3 Analysis
12.2.1 Two Groups of Compression Functions
1. Hash functions made from scratch
• Message Digest (MD)
• MD2, MD4, MD5
• Secure Hash Algorithm (SHA)
• SHA-0, SHA-1, SHA-2
• RACE Integrity Primitives Evaluation Message Digest (RIPEMD-160)
2. Hash functions based on block ciphers
• Whirlpool
12.2.1 Introduction
Figure 12.6 Message digest creation SHA-512
Message Preparation
SHA-512 insists that the length of the original message be less
than 2^128 bits.
Note
SHA-512 creates a 512-bit message digest out of a
message less than 2^128 bits.
Figure 12.7 Padding and length field in SHA-512
Example 12.3
What is the number of padding bits if the length of the original message
is 2590 bits?
Solution
We can calculate the number of padding bits as follows:
The padding consists of one 1 followed by 353 0’s.
Example 12.4
Do we need padding if the length of the original message is
already a multiple of 1024 bits?
Solution
Yes we do, because we need to add the length field. So
padding is needed to make the new block a multiple of 1024
bits.
Words
Figure 12.8 A message block and the digest as words
SHA-512 is word-oriented. Each block is 16 words; the digest
is only eight words
Word Expansion
Figure 12.9 Word expansion in SHA-512
Each message block of 16 words must be expanded to 80 words for processing
Example 12.6
Show how W60 is made.
Solution
Each word in the range W16 to W79 is made from four previously-
made words. W60 is made as
Message Digest Initialization
12.2.2 Compression Function
Figure 12.10 Compression function in SHA-512
Figure 12.11 Structure of each round in SHA-512
Majority Function
Conditional Function
Rotate Functions
12.2.3 Analysis
With a message digest of 512 bits, SHA-512 is resistant to all attacks,
including collision attacks