- The hash function chops and mixes the data to create the fingerprint, which is often called the hash value.
- The hash value (also called the message digest or digital fingerprint) is commonly represented as a short string of random-looking letters and numbers.
Advantages of a message digest:
- The output always has the same length.
- Processing and storing a short hash value is very easy.
- It consumes less time while in transit.
- Comparison of long messages becomes very easy.
Properties of hash functions:
- Collision resistant: it is infeasible to find any two different messages with the same hash value.
- One-way: given only a hash value, it is infeasible to construct a message (preimage) that generated that hash.
Applications of hash functions:
1. Digital Signatures: one of the main applications of hashes, and perhaps the most demanding. The sender computes the hash of the message, then applies the private key to the hash to generate the signature. Computing a digital signature directly over a long message would be very time consuming, so the fixed-size hash is signed instead.
A MAC differs from a digital signature in that MAC values are both generated and verified using the same secret key.
This implies that sender and receiver must agree on the key before initiating communication. For the same reason, MACs do not provide the non-repudiation property offered by digital signatures: anyone who can verify a MAC could also have generated it.
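The two sides of a MAC in working code, as an added example (not from the original slides): HMAC-SHA256 from Python's standard library, with the key, message and the tampered message constructed for the demonstration. The `receiver_can_forge` result is the non-repudiation point from the text made concrete: the receiver holds the same key, so a valid tag proves nothing about who produced it.

```python
import hashlib
import hmac

# Constructed sample values: a key agreed out of band and a message in transit.
SHARED_KEY = b"constructed-demo-key-not-for-production"
MESSAGE = b"transfer 100 to account 42"

def mac_tag(key: bytes, message: bytes) -> bytes:
    """Sender side: HMAC-SHA256 over the message with the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the tag with the same key and compare.
    compare_digest runs in constant time, so the comparison does not leak
    how many leading bytes of a guessed tag were correct."""
    expected = mac_tag(key, message)
    return hmac.compare_digest(expected, tag)

def demo() -> dict:
    tag = mac_tag(SHARED_KEY, MESSAGE)
    # The receiver, holding the same key, can compute a valid tag for a
    # message the sender never sent, so a MAC cannot give non-repudiation.
    forged = b"transfer 900 to account 42"
    forged_tag = mac_tag(SHARED_KEY, forged)
    return {
        "valid": mac_verify(SHARED_KEY, MESSAGE, tag),
        # Any change to the message invalidates the tag (integrity).
        "tampered_message": mac_verify(SHARED_KEY, forged, tag),
        # A party with a different key can neither verify nor generate tags.
        "wrong_key": mac_verify(b"some-other-key", MESSAGE, tag),
        "receiver_can_forge": mac_verify(SHARED_KEY, forged, forged_tag),
        "tag_len": len(tag),  # 32 bytes for SHA-256, whatever the message length
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Use `hmac.compare_digest` rather than `==` for the tag check; an early-exit byte comparison is a classic timing side channel in MAC verification.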
In the diagram, the one-way compression function is denoted by f, and transforms two fixed
length inputs to an output of the same size as one of the inputs.
The algorithm starts with an initial value, the initialization vector (IV). The IV is a fixed value
(algorithm or implementation specific).
MD5 working contd…
For each message block, the compression (or compacting) function f takes the result so far,
combines it with the message block, and produces an intermediate result. The last block is
padded with zeros as needed and bits representing the length of the entire message are
appended.
To harden the hash further the last result is then sometimes fed through a finalisation
function.
Whirlpool is based on the use of a block cipher for the compression function. There has traditionally been little interest in block-cipher-based hash functions because of the demonstrated security vulnerabilities of the structure.
Typically, block-cipher-based hash functions are also significantly slower than dedicated hash functions designed specifically for the purpose.
A principal measure of the strength of a hash function is the length of the hash code in bits. For block-cipher-based hash codes, proposed designs have a hash code length equal to either the cipher block length or twice the cipher block length. Traditionally, cipher block length has been limited to 64 bits (e.g., DES, triple DES), resulting in a hash code of questionable strength.
SHA (Secure Hash Algorithm)
- Developed by NIST (National Institute of Standards and Technology).
- Published as a FIPS (Federal Information Processing Standard) in 1993.
- A revised version was released in 1995.
- It is based on the hash function MD4 and its design.
- SHA produces a 160-bit hash and accepts input messages of up to 2^64 bits.
- Later releases: SHA-256, SHA-384, SHA-512, etc.
- All of the above share the same structure and mathematical model.
Overview of SHA-1
- Like MD4 and MD5, SHA-1 operates in stages.
- Each stage mangles (crushes) the pre-stage message digest by a sequence of operations based on the current message block.
- At the end of the stage, each word of the mangled message digest is added to its pre-stage value to produce the post-stage value.
- The 160-bit message digest consists of five 32-bit words. We call these words A, B, C, D, E, and they are initialised to the following constants (hexadecimal):
A = (67452301)16
B = (EFCDAB89)16
C = (98BADCFE)16
D = (10325476)16
E = (C3D2E1F0)16
- After the last stage the value of |A|B|C|D|E| is the message digest for the entire
message.
SHA-1 Processing Steps
Step 1: Append padding bits
The message is processed in 512-bit blocks, so it is first padded. The padding brings the message length to 448 modulo 512 (i.e. L ≡ 448 mod 512), leaving the remaining 64 bits of the final block for the length field appended in Step 2.
Padding is always added, even if the message already has the desired length; thus the number of padding bits is in the range 1 to 512. The padding consists of a single 1-bit followed by the necessary number of 0-bits.
[Padding: if an encryption algorithm requires plaintext to be a multiple of some number of bytes, the padding field is used to expand the plaintext to the required length. Additional padding may be added to provide partial traffic-flow confidentiality by concealing the actual length of the payload.]
Step 2: Append length
A 64-bit representation of the length of the original message (before padding) is appended, so the padded message is an exact multiple of 512 bits.
Step 5: Output:
After all L 512-bit blocks have been processed, the output from the Lth stage is
the 160- bit message digest.
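The Merkle–Damgård iteration described for MD5 above and the SHA-1 steps just listed, carried through in working code as an added example (not from the original slides, and not a production implementation): the padding of Steps 1 and 2, the A..E initial constants, one compression stage per 512-bit block with the post-stage addition, and the final A|B|C|D|E digest. The result is checked against `hashlib.sha1`. The rotation amounts and round constants are the ones fixed by FIPS 180; the function and variable names are mine. Note that SHA-1 is shown here only to illustrate the structure: practical collisions have been published, so it should not be used for signatures or certificates.

```python
import hashlib
import struct

# Initial chaining values (the IV): the A..E constants listed above.
_H0 = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
_MASK = 0xFFFFFFFF

def _rotl(x: int, n: int) -> int:
    """32-bit left rotation."""
    return ((x << n) | (x >> (32 - n))) & _MASK

def sha1_pad(message: bytes) -> bytes:
    """Steps 1 and 2: a single 1-bit, then 0-bits until the length is
    448 mod 512, then the original bit length as a 64-bit big-endian integer."""
    bit_len = len(message) * 8
    padded = message + b"\x80"          # the 1-bit followed by seven 0-bits
    while (len(padded) * 8) % 512 != 448:
        padded += b"\x00"
    return padded + struct.pack(">Q", bit_len)

def _compress(state: tuple, block: bytes) -> tuple:
    """One stage: mangle the 512-bit block into the five chaining words."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):             # message schedule expansion
        w.append(_rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    a, b, c, d, e = state
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        temp = (_rotl(a, 5) + (f & _MASK) + e + k + w[t]) & _MASK
        a, b, c, d, e = temp, a, _rotl(b, 30), c, d
    # Post-stage value: add each mangled word to its pre-stage value.
    return tuple((s + v) & _MASK for s, v in zip(state, (a, b, c, d, e)))

def sha1(message: bytes) -> bytes:
    """Run every 512-bit block through the compression stage; the final
    A|B|C|D|E state is the 160-bit digest."""
    state = _H0
    padded = sha1_pad(message)
    for i in range(0, len(padded), 64):
        state = _compress(state, padded[i:i + 64])
    return struct.pack(">5I", *state)

def matches_hashlib(message: bytes) -> bool:
    """Cross-check against the standard library implementation."""
    return sha1(message) == hashlib.sha1(message).digest()

if __name__ == "__main__":
    print(sha1(b"abc").hex())   # constructed input; compare with hashlib.sha1
    print(matches_hashlib(b"a" * 1000))
```

The two boundary cases worth trying are a 55-byte and a 56-byte message: the first fits its padding and length field into one block, the second forces a second block, which is exactly why the padding rule says "1 to 512 bits".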
Checksums and CRC Function
A Cyclic Redundancy Check (CRC) is a type of hash function used to provide a "checksum", a small fixed number of bits computed over a block of data such as a packet of network traffic or a block of a computer file.
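A CRC in working code, as an added example that is not part of the original slides: the reflected CRC-32 polynomial 0xEDB88320 used by Ethernet, PNG and zlib, computed with a lookup table and cross-checked against `zlib.crc32`. The sample data and the bit-flip helper are constructed for the demonstration. The caveat a practitioner needs: a CRC catches accidental corruption (every single-bit error, for instance) but is a linear function with no secret, so it is neither collision resistant nor an authenticator and is no substitute for a cryptographic hash or a MAC.

```python
import zlib

def _make_table() -> list:
    """Precompute the 256-entry table for the reflected CRC-32 polynomial."""
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table

_TABLE = _make_table()

def crc32(data: bytes) -> int:
    """Standard CRC-32 (initial value and final XOR of all ones)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc = _TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF

def matches_zlib(data: bytes) -> bool:
    return crc32(data) == zlib.crc32(data)

def detects_bit_flip(data: bytes, bit: int) -> bool:
    """Flip one bit of the data and report whether the checksum changes."""
    flipped = bytearray(data)
    flipped[bit // 8] ^= 1 << (bit % 8)
    return crc32(data) != crc32(bytes(flipped))

if __name__ == "__main__":
    sample = b"constructed packet payload"   # constructed sample data
    print(hex(crc32(sample)), matches_zlib(sample), detects_bit_flip(sample, 13))
```

The ASCII string `123456789` is the conventional check input for CRC implementations; CRC-32 must give 0xCBF43926 on it.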
1. Signature Generation:
- Generating a pair of public key and private key by the sender of the message.
- Generating the message digest from the message using a hash function.
- Generating the digital signature from the message digest with the private key.
- Sending the message, the digital signature, and the public key to the receiver.
2. Signature Verification:
- Generating the message digest from the message using the same hash function.
- Verifying the digital signature with the message digest using the public key.
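The generation and verification steps above, carried through end to end as an added example that is not part of the original slides. It uses textbook RSA (one signature component, unlike the DSA pair r and s mentioned later) over a SHA-256 digest, with two Mersenne primes hard-coded as a toy key so the arithmetic stays readable; these parameters are constructed for illustration and are far too small to be secure, and the digest is truncated to 64 bits only so it fits below the toy modulus. Real systems use a vetted library and a padding scheme such as RSA-PSS, not raw exponentiation.

```python
import hashlib

# TOY key material (constructed, NOT secure): two Mersenne primes, about
# 92 bits in total. Real RSA keys use primes of 1024 bits or more.
_P = (1 << 31) - 1
_Q = (1 << 61) - 1
_E = 65537

def keygen() -> tuple:
    """Step 1 of generation: produce the (public, private) key pair."""
    n = _P * _Q
    phi = (_P - 1) * (_Q - 1)
    d = pow(_E, -1, phi)          # private exponent (modular inverse, Python 3.8+)
    return (n, _E), (n, d)

def digest_as_int(message: bytes, n: int) -> int:
    """Step 2: hash first. Only a fixed-size digest goes through the
    expensive modular exponentiation, however long the message is.
    Truncated to 64 bits purely so it fits below the toy modulus."""
    h = hashlib.sha256(message).digest()[:8]
    return int.from_bytes(h, "big") % n

def sign(private_key: tuple, message: bytes) -> int:
    """Step 3: apply the private key to the digest."""
    n, d = private_key
    return pow(digest_as_int(message, n), d, n)

def verify(public_key: tuple, message: bytes, signature: int) -> bool:
    """Verification: recompute the digest with the same hash and compare it
    with the value recovered from the signature using the public key."""
    n, e = public_key
    return pow(signature, e, n) == digest_as_int(message, n)

def demo() -> dict:
    public, private = keygen()
    message = b"constructed message: pay 100 to account 42"
    sig = sign(private, message)
    return {
        "valid": verify(public, message, sig),
        # Modified data: the hash no longer matches what the signature recovers.
        "tampered": verify(public, b"constructed message: pay 900 to account 42", sig),
        # A corrupted signature fails too.
        "bad_signature": verify(public, message, sig ^ 1),
    }

if __name__ == "__main__":
    print(demo())
```

Because the receiver only ever uses the public key, a valid signature could only have come from the holder of the private key; that is what gives signatures the non-repudiation that MACs lack.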
Digital Signature Services:
Digital Signature provides the following services:
- Message authentication
- Data integrity
- Non-repudiation
Data Integrity: in case an attacker has access to the data and modifies it, the digital signature verification at the receiver end fails. The hash of the modified data and the output provided by the verification algorithm will not match. Hence, the receiver can safely reject the message, assuming that data integrity has been breached.
The signature function also depends on the sender's private key (PRa) and the global public key (PUg). The result is a signature consisting of two components, s and r.
When a user A first logs into a workstation by typing an account name and password, the period from login to logout is termed the login session. During this session user A will probably need to access remote resources that in turn need authentication; the authentication procedure is performed by user A's workstation on user A's behalf. User A need not be aware of those exchanges.
Symmetric-Key Distribution Contd…
Kerberos has the ability to distribute “session keys” to allow encrypted data
streams over an IP network.
The term "Kerberos server" generally refers to the Key Distribution Center, or
the KDC for short. The KDC implements:
the Authentication Service (AS) and
the Ticket Granting Service (TGS).
The KDC has a copy of every password associated with every principal (user).
For this reason, it is absolutely vital that the KDC be as secure as possible.
Example
Assumptions: g = 7 and p = 23
User A chooses x = 3, calculates R1 = 7^3 mod 23 = 21
User B chooses y = 6, calculates R2 = 7^6 mod 23 = 4
User A sends the number 21 to user B
User B sends the number 4 to user A
User A calculates the symmetric key
k = 4^3 mod 23 = 18
User B calculates the symmetric key
k = 21^6 mod 23 = 18
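The same exchange run in code, as an added example that is not part of the original slides. It reproduces the slide's numbers (g = 7, p = 23, x = 3, y = 6) and is written generally enough to run with any parameters; the function names are mine. Only R1 and R2 ever cross the network, and each side derives the same k from the other side's public value and its own secret. Parameters this small are for illustration only: a real exchange uses a prime of at least 2048 bits, and, as the hijacking discussion later on this page makes clear, the public values must be authenticated or an intermediary can substitute its own.

```python
def dh_public(g: int, p: int, private: int) -> int:
    """Public value sent over the network: g^private mod p."""
    return pow(g, private, p)

def dh_shared(peer_public: int, private: int, p: int) -> int:
    """Shared key from the peer's public value and one's own secret."""
    return pow(peer_public, private, p)

def run_exchange(g: int = 7, p: int = 23, x: int = 3, y: int = 6) -> dict:
    """Full exchange with the slide's parameters as defaults.
    x and y are the private values and never leave their owners."""
    r1 = dh_public(g, p, x)      # A -> B
    r2 = dh_public(g, p, y)      # B -> A
    k_a = dh_shared(r2, x, p)    # A computes R2^x mod p
    k_b = dh_shared(r1, y, p)    # B computes R1^y mod p
    return {"R1": r1, "R2": r2, "k_A": k_a, "k_B": k_b, "agree": k_a == k_b}

if __name__ == "__main__":
    print(run_exchange())
    # Constructed second run with other secrets to show the key changes:
    print(run_exchange(x=5, y=9))
```

Both derivations give the same key because R2^x = (g^y)^x = g^(xy) = (g^x)^y = R1^y (mod p).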
Public-Key Distribution: X.509 Authentication Service (X.509 Certificate)
ITU-T (International Telecommunication Union – Telecommunication
Standardization Sector) recommendation X.509 is part of the X.500 series of
recommendations that define a directory service.
The directory is a server or distributed set of servers that maintains a database of
information about users.
The information includes a mapping from user name to network address, as well as
other attributes and information about the users.
X.509 defines a framework for the provision of authentication services by the X.500
directory to its users. The directory may serve as a repository of public-key
certificates.
Public-Key Distribution Contd…
Each certificate contains the public key of a user and is signed with the private key
of a trusted certification authority. X.509 defines alternative authentication
protocols based on the use of public-key certificates.
X.509 is an important standard because the certificate structure and authentication protocols defined in X.509 are used in a variety of contexts (SSL, SET, etc.).
A third version of X.509 was issued in 1995 and revised in 2000.
In one type of hijacking (also known as a man-in-the-middle attack), the perpetrator takes control of an established connection while it is in progress.
The attacker intercepts messages in a public key exchange and then retransmits them,
substituting their own public key for the requested one, so that the two original parties
still appear to be communicating with each other directly.
The attacker uses a program that appears to be the server to the client and appears to be
the client to the server.
This attack may be used simply to gain access to the messages, or to enable the attacker
to modify them before retransmitting them.