Uploaded byomarShiekh1
PPT, PDF1,560 views

Message authentication and hash function

The document discusses message authentication and hash functions. It covers security requirements including integrity, authentication and non-repudiation. It describes different authentication functions such as message encryption, message authentication codes (MACs), and hash functions. It provides examples of how hash functions work and evaluates the security of hash functions and MACs against brute force and cryptanalytic attacks.

Download to read offline
Network Security Presentation Chapter 11 Message authentication and hash function
. • Names IDs 1) Abdiqadir Osman mohamud 204326915 2) Rita Abdalla Hussein 214306913 3) Omar Ahmed Salad 214306912 4) Abdinasir Abdullahi Dahir 214326902 5) Abdifatah Ismail Sulub 214326917 6) Mohamed Sharif Hussein 214306908
. • Message authentication • Security requirements and attacks • Authentication Functions:- a. Message encryption b. Message authentication code (MAC) c. Hash functions • Practice and real life applications:- Overviewing concepts Capturing traffic using BURP SUIT Intercept network traffic Hashing function in PHP
Message Authentication message authentication is concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution)
CS526 Topic 5: Hash Functions and Message Authentication 5 Data Integrity and Source Authentication • Encryption does not protect data from modification by another party. • Why? • Need a way to ensure that data arrives at destination in its original form as sent by the sender and it is coming from an authenticated source.
Communication without authentication Shared key k to generate authenticate message Alice M Bob Eve M’ Very easy.. Eve can simply change the message
Security attacks In the context of communications across a network, the following attacks can be identified: • disclosure • traffic analysis • masquerade • content modification • sequence modification • timing modification • source repudiation • destination repudiation
Security attacks……. • Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key. • Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages between parties could be determined.
Security attacks……. • Masquerade: Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are purported to come from an authorized entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by someone other than the message recipient.
Security attacks……. • Content modification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. • Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion, and reordering.
Security attacks……. • Timing modification: Delay or replay of messages. In a connection-oriented application, an entire session or sequence of messages could be a replay of some previous valid session, or individual messages in the sequence could be delayed or replayed. In a connectionless application, an individual message (e.g., datagram) could be delayed or replayed.
Security attacks……. • Source repudiation: Denial of transmission of message by source. • Destination repudiation: Denial of receipt of message by destination.
Authentication Functions • Any message authentication or digital signature mechanism has two levels of functionality. • At the lower level, there must be some sort of function that produces an authenticator: a value to be used to authenticate a message. This lower-level function is then used as a primitive in a higher-level authentication protocol that enables a receiver to verify the authenticity of a message.
Authentication Functions.. This section is concerned with the types of functions that may be used to produce an authenticator. These may be grouped into three classes, as follows: ● Message encryption: The ciphertext of the entire message serves as its authenticator ● Message authentication code (MAC): A function of the message and a secret key that produces a fixed-length value that serves as the authenticator ● Hash function: A function that maps a message of any length into a fixed-length hash value, which serves as the authenticator
Message Encryption • message encryption by itself also provides a measure of authentication • if symmetric encryption is used then: • receiver know sender must have created it • since only sender and receiver now key used • know content cannot of been altered • if message has suitable structure, redundancy or a checksum to detect any changes
Message Encryption • if public-key encryption is used: • encryption provides no confidence of sender • since anyone potentially knows public-key • however if • sender signs message using their private-key • then encrypts with recipients public key • have both secrecy and authentication • again need to recognize corrupted messages • but at cost of two public-key uses on message
Message Authentication Code (MAC) • generated by an algorithm that creates a small fixed-sized block • depending on both message and some key • like encryption though need not be reversible • appended to message as a signature • receiver performs same computation on message and checks it matches the MAC • provides assurance that message is unaltered and comes from sender
Message Authentication Codes Keyed hash function. Authenticate origin of messages Symmetric key, shared between sender and receiver. Both sender and receiver can create and verify MAC. Integrity protection of messages Message changes in transit are detected. An ordinary (key-less) hash function does not provide this. (why?) Two known designs: HMAC (based on hash function) CBC-MAC (based on block cipher in CBC-mode) Are these good constructions? MACk (m) = h (kkm). MACk (m) = h (mkk). 22 / 26
Message Authentication Code
Message Authentication Codes as shown the MAC provides authentication can also use encryption for secrecy generally use separate keys for each can compute MAC either before or after encryption is generally regarded as better done before why use a MAC? sometimes only authentication is needed sometimes need authentication to persist longer than the encryption (eg. archival use) note that a MAC is not a digital signature
MAC Properties • a MAC is a cryptographic checksum MAC = CK(M) • condenses a variable-length message M • using a secret key K • to a fixed-sized authenticator • is a many-to-one function • potentially many messages have same MAC • but finding these needs to be very difficult
Requirements for MACs • taking into account the types of attacks • need the MAC to satisfy the following: 1. knowing a message and MAC, is infeasible to find another message with same MAC 2. MACs should be uniformly distributed 3. MAC should depend equally on all bits of the message
Hash Functions A cryptographic hash function h is a function which takes arbitrary length bit strings as input and produces a fixed length bit string as output, the hash value. A cryptographic hash function should be one-way: given any string y from the range of h, it should be computationally infeasible to find any value x in the domain of h such that h(x) = y. Given a hash function with outputs of n bits, we would like a function for which finding preimages requires O(2n) time. 23 /
Hash Functions • condenses arbitrary message to fixed size h = H(M) • usually assume that the hash function is public and not keyed • cf. MAC which is keyed • hash used to detect changes to message • can use in various ways with message • most often to create a digital signature
Requirements for a HashFunction • The purpose of a hash function is to produce a "fingerprint" of a file, message, or other block of data. To be useful for message authentication, a hash function H must have the following properties. 1. H can be applied to a block of data of any size. 2. H produces a fixed-length output.
HashFunction requirement 3. H(x) is relatively easy to compute for any given x, making both hardware and software implementations practical. 4. For any given value h, it is computationally infeasible to find x such that H(x) = h. This is sometimes referred to in the literature as the one-way property.
HashFunction requirement…. 5. For any given block x, it is computationally infeasible to find y x such that H(y) = H(x). This is sometimes referred to as weak collision resistance. 6.It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). This is sometimes referred to as strong collision resistance
Hash Functions & Digital Signatures
Example Operation of Hash Functions Information 2
Birthday Attacks might think a 64-bit hash is secure but by Birthday Paradox is not birthday attack works thus: opponent generates 2 m/2 variations of a valid message all with essentially the same meaning opponent also generates 2 m/2 variations of a desired fraudulent message two sets of messages are compared to find pair with same hash (probability > 0.5 by birthday paradox) have user sign the valid message, then substitute the forgery which will have a valid signature conclusion is that need to use larger MAC/hash
Some Popular HashAlgorithms Information 3  MD5 (Rivest ) ◦ 128-bit output ◦ Most popular  SHA-1 (NIST- NSA) ◦ US gov’t standard ◦ 160-bit output  RIPEMD-160 ◦ Euro.RIPE project. ◦ 160-bit output Algorithm Speed (MByte/s.) MD5 205 SHA-1 72 RIPEMD-160 51 Crypto++ 5.1 benchmarks,2.1 GHz P4
Usage of hash functions • Commit to message by disclosing hash of message, later showing the message • If collision resistant, you cannot cheat (change message). • Consider playing rock, paper, scissors remotely with a hash function. Or rock-paper-scissors-lizard-Spock. • Verify integrity of downloaded files. • Digital signatures. • SSL/TLS for integrity protection. • Storing passwords in operating systems and web servers. 21 /
Security of Hash Functions and Macs • Just as with symmetric and public-key encryption, we can group attacks on hash functions and MACs into two categories: brute-force attacks and cryptanalysis
Brute-Force Attacks • The nature of brute-force attacks differs somewhat for hash functions and MACs. Hash Functions • The strength of a hash function against brute-force attacks depends solely on the length of the hash • code produced by the algorithm. Recall from our discussion of hash functions that there are three
desirable properties: ● One-way: For any given code h, it is computationally infeasible to find x such that H(x) = h. ● Weak collision resistance: For any given block x, it is computationally infeasible to find y x with H(y) = H(x). ● Strong collision resistance: It is computationally infeasible to find any pair (x, y) such that H (x) = H(y).
Hash Functions & MAC Security cryptanalytic attacks exploit structure like block ciphers want brute-force attacks to be the best alternative have a number of analytic attacks on iterated hash functions CVi = f[CVi-1, Mi]; H(M)=CVN typically focus on collisions in function f like block ciphers is often composed of rounds attacks exploit properties of round functions
Practical applications.. • Hashing passwords • PHP server analysis • Burp suit capturing • message authentication code.pptx
. • .

More Related Content

PPTX
Public Key Cryptosystem
byDevakumar Kp
 
PPTX
Diffie hellman key exchange algorithm
bySunita Kharayat
 
PDF
2. public key cryptography and RSA
byDr.Florence Dayana
 
PPTX
Osi security architecture in network.pptx
byVinzoCenzo
 
PPT
Message Authentication
bychauhankapil
 
PPTX
5. message authentication and hash function
byChirag Patel
 
PPTX
Hash Function
bySiddharth Srivastava
 
PDF
Network security & cryptography full notes
bygangadhar9989166446
 
Public Key Cryptosystem
byDevakumar Kp
 
Diffie hellman key exchange algorithm
bySunita Kharayat
 
2. public key cryptography and RSA
byDr.Florence Dayana
 
Osi security architecture in network.pptx
byVinzoCenzo
 
Message Authentication
bychauhankapil
 
5. message authentication and hash function
byChirag Patel
 
Hash Function
bySiddharth Srivastava
 
Network security & cryptography full notes
bygangadhar9989166446
 

What's hot

PPTX
Topic1 substitution transposition-techniques
byMdFazleRabbi18
 
PPTX
Block cipher modes of operation
byharshit chavda
 
PPTX
MAC-Message Authentication Codes
byDarshanPatil82
 
PPTX
Cryptography
byJens Patel
 
PPTX
Cryptography.ppt
byUday Meena
 
PPTX
Idea(international data encryption algorithm)
bySAurabh PRajapati
 
PDF
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
PDF
symmetric key encryption algorithms
byRashmi Burugupalli
 
PPTX
Diffie Hellman Key Exchange
bySAURABHDHAGE6
 
PPTX
Public Key Cryptography
byGopal Sakarkar
 
PPT
Network security cryptographic hash function
byMijanur Rahman Milon
 
PPT
Classical Encryption Techniques
byuniversity of education,Lahore
 
PPTX
Transposition Cipher
bydaniyalqureshi712
 
PDF
Asymmetric Cryptography
byUTD Computer Security Group
 
PPTX
Modes of Operation
byShowkot Usman
 
PPT
Digital Signature Standard
bySou Jana
 
PPT
Message authentication
byCAS
 
PPTX
Symmetric ciphermodel
bypriyapavi96
 
PPT
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
PPTX
Cryptography and Network Security
byPa Van Tanku
 
Topic1 substitution transposition-techniques
byMdFazleRabbi18
 
Block cipher modes of operation
byharshit chavda
 
MAC-Message Authentication Codes
byDarshanPatil82
 
Cryptography
byJens Patel
 
Cryptography.ppt
byUday Meena
 
Idea(international data encryption algorithm)
bySAurabh PRajapati
 
Symmetric Cipher Model, Substitution techniques, Transposition techniques, St...
byJAINAM KAPADIYA
 
symmetric key encryption algorithms
byRashmi Burugupalli
 
Diffie Hellman Key Exchange
bySAURABHDHAGE6
 
Public Key Cryptography
byGopal Sakarkar
 
Network security cryptographic hash function
byMijanur Rahman Milon
 
Classical Encryption Techniques
byuniversity of education,Lahore
 
Transposition Cipher
bydaniyalqureshi712
 
Asymmetric Cryptography
byUTD Computer Security Group
 
Modes of Operation
byShowkot Usman
 
Digital Signature Standard
bySou Jana
 
Message authentication
byCAS
 
Symmetric ciphermodel
bypriyapavi96
 
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
Cryptography and Network Security
byPa Van Tanku
 

Similar to Message authentication and hash function

PDF
Cs8792 cns - unit iv
byArthyR3
 
PDF
Cs8792 cns - unit iv
byArthyR3
 
PDF
Cns
byArthyR3
 
PPT
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
byjeevasreemurali
 
PPT
Information and data security cryptography and network security
byMazin Alwaaly
 
PPTX
Unit 4 - Integrity and Authenticity-V1.pptx
byheaughfrds1
 
PPTX
unit - III.pptx
bysandyBS
 
PDF
BAIT1103 Chapter 2
bylimsh
 
PPTX
cryptography and network security cns.pptx
bygkumar610
 
PPT
ch11.ppt
bySomuPatil8
 
PPT
cryptography and network security by william stallings
byHimaniP19CSE013
 
PPT
Cryptography and Message Authentication NS3
bykoolkampus
 
PPTX
Information and network security 41 message authentication code
byVaibhav Khanna
 
PPT
ch11.ppt
byssuser4198c4
 
PPT
Ch11
byJoe Christensen
 
PPTX
Unit 3
bytamil arasan
 
PPT
Distribution of public keys and hmac
byanuragjagetiya
 
PDF
CRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash Functions
byJyothishmathi Institute of Technology and Science Karimnagar
 
PPT
Message Authentication: MAC, Hashes
byShafaan Khaliq Bhatti
 
PPTX
Information and data security cryptographic hash functions
byMazin Alwaaly
 
Cs8792 cns - unit iv
byArthyR3
 
Cs8792 cns - unit iv
byArthyR3
 
Cns
byArthyR3
 
UNIT3_class (1).ppt CRYPTOGRAPHY NOTES AND NETWORK
byjeevasreemurali
 
Information and data security cryptography and network security
byMazin Alwaaly
 
Unit 4 - Integrity and Authenticity-V1.pptx
byheaughfrds1
 
unit - III.pptx
bysandyBS
 
BAIT1103 Chapter 2
bylimsh
 
cryptography and network security cns.pptx
bygkumar610
 
ch11.ppt
bySomuPatil8
 
cryptography and network security by william stallings
byHimaniP19CSE013
 
Cryptography and Message Authentication NS3
bykoolkampus
 
Information and network security 41 message authentication code
byVaibhav Khanna
 
ch11.ppt
byssuser4198c4
 
Ch11
byJoe Christensen
 
Unit 3
bytamil arasan
 
Distribution of public keys and hmac
byanuragjagetiya
 
CRYPTOGRAPHY & NETWORK SECURITY- Cryptographic Hash Functions
byJyothishmathi Institute of Technology and Science Karimnagar
 
Message Authentication: MAC, Hashes
byShafaan Khaliq Bhatti
 
Information and data security cryptographic hash functions
byMazin Alwaaly
 

Recently uploaded

PDF
Session 2 - Specialized AI Associate Series: Orchestrator Deep-Dive and UiPa...
byDianaGray10
 
PDF
A Guide to Microsoft Azure's Scalable and Secure Cloud Solutions
byTeleglobal International
 
PDF
UiPath DevConnect 2025: Introduction to Agentic Automation
byDianaGray10
 
PPTX
Documenta11y’s Role in Healthcare Document Accessibility
bydocumenta11y
 
PDF
Master Deck: GraphSummit Bengaluru (Oct 7)
byNeo4j
 
PDF
Session 1 - Agentic Automation Building the Enterprise Agent of Tomorrow
byDianaGray10
 
PDF
Unleash the Power of Salesforce Winter ’26 Release.pdf
byyoyoloftis
 
PDF
Web Mapping 101: Creating Dynamic Web Maps with Geospatial Data
bySafe Software
 
PDF
Certified Kubernetes Security Specialist (CKS): Unit 5
byVICTOR MAESTRE RAMIREZ
 
PDF
Unit 3 DS - Distributed Data Storage and Retrieval - PowerPoint Content.pdf
byayesha butalia
 
PPTX
SIH Presentation praniawar2o25 cse.pptx
bysamikshamatkar91
 
PDF
CIDT: Blockchain, DeFi & Product Engineering - MVPs in 4 Weeks with a Senior-...
byTetianaBuchynska1
 
PDF
Ultimate B2B Travel API Integration for Skyrocket Bookings
byanishadivaha
 
PDF
Demystifying LLMs- How to Use GenAI Effectively.pdf
byAiko Klostermann
 
PDF
Towards efficient vision representation and coding standards for superior emb...
byTouradj Ebrahimi
 
PPTX
TechVerse Kent (Combining Tech, AI, Innovation and Creativity)
byKritarthDevli
 
PDF
Supercharge your JVM performance with Project Leyden and Spring Boot
byAmmbra
 
PDF
A business case for open source: From lock-in to value.pdf
byMindtrek
 
PDF
Mapping Your Ecosystem: Uniting Content and Data across Systems
byRustici Software
 
PPTX
sap 2016-09-14_PP_MRPType_VB_Blogged.pptx
byAmira Jemi
 
Session 2 - Specialized AI Associate Series: Orchestrator Deep-Dive and UiPa...
byDianaGray10
 
A Guide to Microsoft Azure's Scalable and Secure Cloud Solutions
byTeleglobal International
 
UiPath DevConnect 2025: Introduction to Agentic Automation
byDianaGray10
 
Documenta11y’s Role in Healthcare Document Accessibility
bydocumenta11y
 
Master Deck: GraphSummit Bengaluru (Oct 7)
byNeo4j
 
Session 1 - Agentic Automation Building the Enterprise Agent of Tomorrow
byDianaGray10
 
Unleash the Power of Salesforce Winter ’26 Release.pdf
byyoyoloftis
 
Web Mapping 101: Creating Dynamic Web Maps with Geospatial Data
bySafe Software
 
Certified Kubernetes Security Specialist (CKS): Unit 5
byVICTOR MAESTRE RAMIREZ
 
Unit 3 DS - Distributed Data Storage and Retrieval - PowerPoint Content.pdf
byayesha butalia
 
SIH Presentation praniawar2o25 cse.pptx
bysamikshamatkar91
 
CIDT: Blockchain, DeFi & Product Engineering - MVPs in 4 Weeks with a Senior-...
byTetianaBuchynska1
 
Ultimate B2B Travel API Integration for Skyrocket Bookings
byanishadivaha
 
Demystifying LLMs- How to Use GenAI Effectively.pdf
byAiko Klostermann
 
Towards efficient vision representation and coding standards for superior emb...
byTouradj Ebrahimi
 
TechVerse Kent (Combining Tech, AI, Innovation and Creativity)
byKritarthDevli
 
Supercharge your JVM performance with Project Leyden and Spring Boot
byAmmbra
 
A business case for open source: From lock-in to value.pdf
byMindtrek
 
Mapping Your Ecosystem: Uniting Content and Data across Systems
byRustici Software
 
sap 2016-09-14_PP_MRPType_VB_Blogged.pptx
byAmira Jemi
 
In this document
Powered by AI

Presentation on network security focusing on message authentication and hash functions.

List of participants including their names and IDs involved in the presentation.

Discusses message authentication, security requirements, coding techniques, and practical applications.

Focuses on integrity, origin validation, and the need for data integrity through appropriate methods.

Types of security attacks: disclosure, traffic analysis, masquerade, content modification, and more.

Two levels of functionality in authentication: authenticator generation and higher-level authentication.

Explains message encryption, MAC, and their importance in ensuring integrity and origin of messages.

Describes the properties and requirements for creating secure Message Authentication Codes.

Defines hash functions and their role in message authentication, producing fixed-length outputs.

Requirements of hash functions such as computational efficiency, one-way property, and collision resistance.

Illustrates the role of hash functions in creating digital signatures for authenticity.

Details how birthday paradox affects hash functions and why larger hash sizes are necessary.

Highlights popular hash algorithms like MD5, SHA-1, and their respective speeds.

Illustrates various practical applications, including verifying downloads, digital signatures, and password storage.

Discusses brute-force and cryptanalysis attacks, emphasizing the importance of properties for hash function security.

Explains cryptanalytic attacks on hash functions and how they relate to MACs and block ciphers.

Mentions practical uses of hashing in password security, analysis, and message authentication.

Closing remarks and acknowledgment of the presentation topics.

Message authentication and hash function

  • 1.
    Network Security Presentation Chapter 11 Messageauthentication and hash function
  • 2.
    . • Names IDs 1)Abdiqadir Osman mohamud 204326915 2) Rita Abdalla Hussein 214306913 3) Omar Ahmed Salad 214306912 4) Abdinasir Abdullahi Dahir 214326902 5) Abdifatah Ismail Sulub 214326917 6) Mohamed Sharif Hussein 214306908
  • 3.
    . • Message authentication •Security requirements and attacks • Authentication Functions:- a. Message encryption b. Message authentication code (MAC) c. Hash functions • Practice and real life applications:- Overviewing concepts Capturing traffic using BURP SUIT Intercept network traffic Hashing function in PHP
  • 4.
    Message Authentication message authenticationis concerned with: protecting the integrity of a message validating identity of originator non-repudiation of origin (dispute resolution)
  • 5.
    CS526 Topic 5: Hash Functions and Message Authentication 5 Data Integrity andSource Authentication • Encryption does not protect data from modification by another party. • Why? • Need a way to ensure that data arrives at destination in its original form as sent by the sender and it is coming from an authenticated source.
  • 6.
    Communication without authentication Shared keyk to generate authenticate message Alice M Bob Eve M’ Very easy.. Eve can simply change the message
  • 7.
    Security attacks In thecontext of communications across a network, the following attacks can be identified: • disclosure • traffic analysis • masquerade • content modification • sequence modification • timing modification • source repudiation • destination repudiation
  • 8.
    Security attacks……. • Disclosure:Release of message contents to any person or process not possessing the appropriate cryptographic key. • Traffic analysis: Discovery of the pattern of traffic between parties. In a connection-oriented application, the frequency and duration of connections could be determined. In either a connection-oriented or connectionless environment, the number and length of messages between parties could be determined.
  • 9.
    Security attacks……. • Masquerade:Insertion of messages into the network from a fraudulent source. This includes the creation of messages by an opponent that are purported to come from an authorized entity. Also included are fraudulent acknowledgments of message receipt or nonreceipt by someone other than the message recipient.
  • 10.
    Security attacks……. • Contentmodification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. • Sequence modification: Any modification to a sequence of messages between parties, including insertion, deletion, and reordering.
  • 11.
    Security attacks……. • Timingmodification: Delay or replay of messages. In a connection-oriented application, an entire session or sequence of messages could be a replay of some previous valid session, or individual messages in the sequence could be delayed or replayed. In a connectionless application, an individual message (e.g., datagram) could be delayed or replayed.
  • 12.
    Security attacks……. • Sourcerepudiation: Denial of transmission of message by source. • Destination repudiation: Denial of receipt of message by destination.
  • 13.
    Authentication Functions • Anymessage authentication or digital signature mechanism has two levels of functionality. • At the lower level, there must be some sort of function that produces an authenticator: a value to be used to authenticate a message. This lower-level function is then used as a primitive in a higher-level authentication protocol that enables a receiver to verify the authenticity of a message.
  • 14.
    Authentication Functions.. This sectionis concerned with the types of functions that may be used to produce an authenticator. These may be grouped into three classes, as follows: ● Message encryption: The ciphertext of the entire message serves as its authenticator ● Message authentication code (MAC): A function of the message and a secret key that produces a fixed-length value that serves as the authenticator ● Hash function: A function that maps a message of any length into a fixed-length hash value, which serves as the authenticator
  • 15.
    Message Encryption • messageencryption by itself also provides a measure of authentication • if symmetric encryption is used then: • receiver know sender must have created it • since only sender and receiver now key used • know content cannot of been altered • if message has suitable structure, redundancy or a checksum to detect any changes
  • 16.
    Message Encryption • ifpublic-key encryption is used: • encryption provides no confidence of sender • since anyone potentially knows public-key • however if • sender signs message using their private-key • then encrypts with recipients public key • have both secrecy and authentication • again need to recognize corrupted messages • but at cost of two public-key uses on message
  • 17.
    Message Authentication Code (MAC) •generated by an algorithm that creates a small fixed-sized block • depending on both message and some key • like encryption though need not be reversible • appended to message as a signature • receiver performs same computation on message and checks it matches the MAC • provides assurance that message is unaltered and comes from sender
  • 18.
    Message Authentication Codes Keyedhash function. Authenticate origin of messages Symmetric key, shared between sender and receiver. Both sender and receiver can create and verify MAC. Integrity protection of messages Message changes in transit are detected. An ordinary (key-less) hash function does not provide this. (why?) Two known designs: HMAC (based on hash function) CBC-MAC (based on block cipher in CBC-mode) Are these good constructions? MACk (m) = h (kkm). MACk (m) = h (mkk). 22 / 26
  • 19.
  • 20.
    Message Authentication Codes asshown the MAC provides authentication can also use encryption for secrecy generally use separate keys for each can compute MAC either before or after encryption is generally regarded as better done before why use a MAC? sometimes only authentication is needed sometimes need authentication to persist longer than the encryption (eg. archival use) note that a MAC is not a digital signature
  • 21.
    MAC Properties • aMAC is a cryptographic checksum MAC = CK(M) • condenses a variable-length message M • using a secret key K • to a fixed-sized authenticator • is a many-to-one function • potentially many messages have same MAC • but finding these needs to be very difficult
  • 22.
    Requirements for MACs •taking into account the types of attacks • need the MAC to satisfy the following: 1. knowing a message and MAC, is infeasible to find another message with same MAC 2. MACs should be uniformly distributed 3. MAC should depend equally on all bits of the message
  • 23.
    Hash Functions A cryptographichash function h is a function which takes arbitrary length bit strings as input and produces a fixed length bit string as output, the hash value. A cryptographic hash function should be one-way: given any string y from the range of h, it should be computationally infeasible to find any value x in the domain of h such that h(x) = y. Given a hash function with outputs of n bits, we would like a function for which finding preimages requires O(2n) time. 23 /
  • 24.
    Hash Functions • condensesarbitrary message to fixed size h = H(M) • usually assume that the hash function is public and not keyed • cf. MAC which is keyed • hash used to detect changes to message • can use in various ways with message • most often to create a digital signature
  • 25.
    Requirements for aHashFunction • The purpose of a hash function is to produce a "fingerprint" of a file, message, or other block of data. To be useful for message authentication, a hash function H must have the following properties. 1. H can be applied to a block of data of any size. 2. H produces a fixed-length output.
  • 26.
    HashFunction requirement 3. H(x)is relatively easy to compute for any given x, making both hardware and software implementations practical. 4. For any given value h, it is computationally infeasible to find x such that H(x) = h. This is sometimes referred to in the literature as the one-way property.
  • 27.
    HashFunction requirement…. 5. Forany given block x, it is computationally infeasible to find y x such that H(y) = H(x). This is sometimes referred to as weak collision resistance. 6.It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). This is sometimes referred to as strong collision resistance
  • 28.
    Hash Functions &Digital Signatures
  • 29.
    Example Operation of HashFunctions Information 2
  • 30.
    Birthday Attacks might thinka 64-bit hash is secure but by Birthday Paradox is not birthday attack works thus: opponent generates 2 m/2 variations of a valid message all with essentially the same meaning opponent also generates 2 m/2 variations of a desired fraudulent message two sets of messages are compared to find pair with same hash (probability > 0.5 by birthday paradox) have user sign the valid message, then substitute the forgery which will have a valid signature conclusion is that need to use larger MAC/hash
  • 31.
    Some Popular HashAlgorithms Information3  MD5 (Rivest ) ◦ 128-bit output ◦ Most popular  SHA-1 (NIST- NSA) ◦ US gov’t standard ◦ 160-bit output  RIPEMD-160 ◦ Euro.RIPE project. ◦ 160-bit output Algorithm Speed (MByte/s.) MD5 205 SHA-1 72 RIPEMD-160 51 Crypto++ 5.1 benchmarks,2.1 GHz P4
  • 32.
    Usage of hashfunctions • Commit to message by disclosing hash of message, later showing the message • If collision resistant, you cannot cheat (change message). • Consider playing rock, paper, scissors remotely with a hash function. Or rock-paper-scissors-lizard-Spock. • Verify integrity of downloaded files. • Digital signatures. • SSL/TLS for integrity protection. • Storing passwords in operating systems and web servers. 21 /
  • 33.
    Security of HashFunctions and Macs • Just as with symmetric and public-key encryption, we can group attacks on hash functions and MACs into two categories: brute-force attacks and cryptanalysis
  • 34.
    Brute-Force Attacks • Thenature of brute-force attacks differs somewhat for hash functions and MACs. Hash Functions • The strength of a hash function against brute-force attacks depends solely on the length of the hash • code produced by the algorithm. Recall from our discussion of hash functions that there are three
  • 35.
    desirable properties: ● One-way:For any given code h, it is computationally infeasible to find x such that H(x) = h. ● Weak collision resistance: For any given block x, it is computationally infeasible to find y x with H(y) = H(x). ● Strong collision resistance: It is computationally infeasible to find any pair (x, y) such that H (x) = H(y).
  • 36.
    Hash Functions &MAC Security cryptanalytic attacks exploit structure like block ciphers want brute-force attacks to be the best alternative have a number of analytic attacks on iterated hash functions CVi = f[CVi-1, Mi]; H(M)=CVN typically focus on collisions in function f like block ciphers is often composed of rounds attacks exploit properties of round functions
  • 37.
    Practical applications.. • Hashingpasswords • PHP server analysis • Burp suit capturing • message authentication code.pptx
  • 38.