Describe a cryptographic hash function and how it is used as a security application? Please make sure to write 250 words in APA format with in-text citation. also you must use at least o
Describe a cryptographic hash function and how it is used as a security application? Please make sure to write 250 words in APA format with in-text citation. also you must use at least one scholarly resource. See attached document for reference.
Cryptography and Network Security:
Principles and Practice Eighth Edition
Chapter 11
Cryptographic Hash Functions
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Hash Functions
• A hash function H accepts a variable-length block of data
M as input and produces a fixed-size hash value
– h = H(M)
– Principal object is data integrity
• Cryptographic hash function
– An algorithm for which it is computationally infeasible to
find either:
(a) a data object that maps to a pre-specified hash
result (the one-way property)
(b) two data objects that map to the same hash result
(the collision-free property)
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.1 Cryptographic Hash
Function; h = H(M)
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.2 Attack Against Hash
Function
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.3 Simplified Examples of
the Use of a Hash Function for
Message Authentication
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Message Authentication Code (MAC)
• Also known as a keyed hash function
• Typically used between two parties that share a secret key
to authenticate information exchanged between those
parties
• Takes as input a secret key and a data block and produces
a hash value (MAC) which is associated with the protected
message
– If the integrity of the message needs to be checked, the
MAC function can be applied to the message and the
result compared with the associated MAC value
– An attacker who alters the message will be unable to
alter the associated MAC value without knowledge of
the secret key
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Digital Signature
• Operation is similar to that of the MAC
• The hash value of a message is encrypted with a user’s
private key
• Anyone who knows the user’s public key can verify the
integrity of the message
• An attacker who wishes to alter the message would need
to know the user’s private key
• Implications of digital signatures go beyond just message
authentication
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.4 Simplified Examples of
Digital Signatures
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Other Hash Function Uses
• Commonly used to create a one-way password file
– When a user enters a password, the hash of that password is
compared to the stored hash value for verification
– This approach to password protection is used by most operating
systems
• Can be used for intrusion and virus detection
– Store H(F) for each file on a system and secure the hash values
– One can later determine if a file has been modified by recomputing
H(F)
– An intruder would need to change F without changing H(F)
• Can be used to construct a pseudorandom function (PRF) or a
pseudorandom number generator (PRNG)
– A common application for a hash-based PRF is for the generation
of symmetric keys
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Two Simple Hash Functions
• Consider two simple insecure hash functions that operate using the
following general principles:
– The input is viewed as a sequence of n-bit blocks
– The input is processed one block at a time in an iterative fashion
to produce an n-bit hash function
• Bit-by-bit exclusive-OR (XOR) of every block
– Ci = bi1 xor bi2 xor . . . xor bim
– Produces a simple parity for each bit position and is known as a
longitudinal redundancy check
– Reasonably effective for random data as a data integrity check
• Perform a one-bit circular shift on the hash value after each block is
processed
– Has the effect of randomizing the input more completely and
overcoming any regularities that appear in the input
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.5 Two Simple Hash
Functions
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Requirements and Security Preimage
• x is the preimage of h for a hash value h = H(x)
• Is a data block whose hash function, using the function H,
is h
• Because H is a many-to-one mapping, for any given hash
value h, there will in general be multiple preimages
Collision
• Occurs if we have x ≠ y and H(x) = H(y)
• Because we are using hash functions for data integrity,
collisions are clearly undesirable
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.1 Requirements for a
Cryptographic Hash Function H
Requirement Description
Variable input size H can be applied to a block of data of any size.
Fixed output size H produces a fixed-length output.
Efficiency H(x) is relatively easy to compute for any
given x, making both hardware and software implementations practical.
Preimage resistant (one-way property) For any given hash value h, it is computationally
infeasible to find y such that H(y) = h.
Second preimage resistant (weak collision
resistant)
For any given block x, it is computationally
Infeasible to find y x with H(y) = H(x).
Collision resistant (strong collision resistant) It is computationally infeasible to find any pair
(x, y) with x y, such that H(x) = H(y).
Pseudorandomness Output of H meets standard tests for
pseudorandomness.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.6 Relationship Among Hash
Function Properties
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.2 Hash Function Resistance
Properties Required for Various Data
Integrity Applications
Blank Preimage
Resistant
Second Preimage
Resistant
Collision Resistant
Hash + digital signature yes yes yes*
Intrusion detection and
virus detection
Blank Blank Blank
Hash + symmetric
encryption
Blank Blank Blank
One-way password file yes Blank Blank
MAC yes yes yes*
*Resistance required if attacker is able to mount a chosen message attack
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Attacks on Hash Functions
Brute-Force Attacks
• Does not depend on the
specific algorithm, only
depends on bit length
• In the case of a hash
function, attack depends
only on the bit length of
the hash value
• Method is to pick values at
random and try each one
until a collision occurs
Cryptanalysis
• An attack based on
weaknesses in a
particular cryptographic
algorithm
• Seek to exploit some
property of the algorithm
to perform some attack
other than an exhaustive
search
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Collision Resistant Attacks (1 of 2)
• For a collision resistant attack, an adversary wishes to find two
messages or data blocks that yield the same hash function
– The effort required is explained by a mathematical result
referred to as the birthday paradox
• Yuval proposed the following strategy to exploit the birthday
paradox in a collision resistant attack:
– The source (A) is prepared to sign a legitimate message x
by appending the appropriate m-bit hash code and
encrypting that hash code with A’s private key
– Opponent generates 2m/2 variations x’ of x, all with
essentially the same meaning, and stores the messages
and their hash values
– Opponent prepares a fraudulent message y for which A’s
signature is desired
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Collision Resistant Attacks (2 of 2)
– Opponent generates minor variations y’ of y, all of which convey
essentially the same meaning. For each y’, the opponent
computes H (y’), checks for matches with any of the H (x’) values,
and continues until a match is found. That is, the process
continues until a y’ is generated with a hash value equal to the
hash value of one of the x’ values
– The opponent offers the valid variation to A for signature which can
then be attached to the fraudulent variation for transmission to the
intended recipient
▪ Because the two variations have the same hash code, they will
produce the same signature and the opponent is assured of
success even though the encryption key is not known
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
A Letter in 238 Variations
Figure 11.7 A Letter in 238
Variations
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.8 General Structure of
Secure Hash Code
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Secure Hash Algorithm (SHA)
• SHA was originally designed by the National Institute of
Standards and Technology (NIST) and published as a
federal information processing standard (FIPS 180) in
1993
• Was revised in 1995 as SHA-1
• Based on the hash function MD4 and its design closely
models MD4
• Produces 160-bit hash values
• In 2002 NIST produced a revised version of the standard
that defined three new versions of SHA with hash value
lengths of 256, 384, and 512
– Collectively known as SHA-2
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.3 Comparison of SHA
Parameters
Algorithm Message
Size
Block Size Word Size Message
Digest Size
SHA-1 < 264 512 32 160
SHA-224 < 264 512 32 224
SHA-256 < 264 512 32 256
SHA-384 < 2128 1024 64 384
SHA-512 < 2128 1024 64 512
SHA-512/224 < 2128 1024 64 224
SHA-512/256 < 2128 1024 64 256
Note: All sizes are measured in bits.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.9 Message Digest
Generation Using SHA-512
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.10 SHA-512 Processing of a
Single 1024-Bit Block
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.4 SHA-512 Constants 428a2f98d728ae22 7137449123ef65cd b5c0fbcfec4d3b2f e9b5dba58189dbbc
3956c25bf348b538 59f111f1b605d019 923f82a4af194f9b ab1c5ed5da6d8118
d807aa98a3030242 12835b0145706fbe 243185be4ee4b28c 550c7dc3d5ffb4e2
72be5d74f27b896f 80deb1fe3b1696b1 9bdc06a725c71235 c19bf174cf692694
e49b69c19ef14ad2 efbe4786384f25e3 0fc19dc68b8cd5b5 240ca1cc77ac9c65
2de92c6f592b0275 4a7484aa6ea6e483 5cb0a9dcbd41fbd4 76f988da831153b5
983e5152ee66dfab a831c66d2db43210 b00327c898fb213f bf597fc7beef0ee4
c6e00bf33da88fc2 d5a79147930aa725 06ca6351e003826f 142929670a0e6e70
27b70a8546d22ffc 2e1b21385c26c926 4d2c6dfc5ac42aed 53380d139d95b3df
650a73548baf63de 766a0abb3c77b2a8 81c2c92e47edaee6 92722c851482353b
a2bfe8a14cf10364 a81a664bbc423001 c24b8b70d0f89791 c76c51a30654be30
d192e819d6ef5218 d69906245565a910 f40e35855771202a 106aa07032bbd1b8
19a4c116b8d2d0c8 1e376c085141ab53 2748774cdf8eeb99 34b0bcb5e19b48a8
391c0cb3c5c95a63 4ed8aa4ae3418acb 5b9cca4f7763e373 682e6ff3d6b2b8a3
748f82ee5defb2fc 78a5636f43172f60 84c87814a1f0ab72 8cc702081a6439ec
90befffa23631e28 a4506cebde82bde9 bef9a3f7b2c67915 c67178f2e372532b
ca273eceea26619c d186b8c721c0c207 eada7dd6cde0eb1e f57d4f7fee6ed178
06f067aa72176fba 0a637dc5a2c898a6 113f9804bef90dae 1b710b35131c471b
28db77f523047d84 32caab7b40c72493 3c9ebe0a15c9bebc 431d67c49c100d4c
4cc5d4becb3e42b6 597f299cfc657e2a 5fcb6fab3ad6faec 6c44198c4a475817
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.11 Elementary SHA-512
Operation (single round)
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.12 Creation of 80-word
Input Sequence for SHA-512
Processing of Single Block
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.13 SHA-512 Logic
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
SHA-3
• SHA-1 has not yet been "broken”
– No one has demonstrated a technique for producing collisions in a
practical amount of time
– Considered to be insecure and has been phased out for SHA-2
• SHA-2 shares the same structure and mathematical operations as its
predecessors so this is a cause for concern
– Because it will take years to find a suitable replacement for SHA-2
should it become vulnerable, NIST decided to begin the process of
developing a new hash standard
• NIST announced in 2007 a competition for the SHA-3 next generation
NIST hash function
– Winning design was announced by NIST in October 2012
– SHA-3 is a cryptographic hash function that is intended to
complement SHA-2 as the approved standard for a wide range of
applications
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
The Sponge Construction
• Underlying structure of SHA-3 is a scheme referred to by its
designers as a sponge construction
• Takes an input message and partitions it into fixed-size blocks
• Each block is processed in turn with the output of each iteration
fed into the next iteration, finally producing an output block
• The sponge function is defined by three parameters:
– f = the internal function used to process each input block
– r = the size in bits of the input blocks, called the bitrate
– pad = the padding algorithm
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.14 Sponge Function Input
and Output
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.15 Sponge Construction
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.5 SHA-3 Parameters
Message Digest Size 224 256 384 512
Message Size no maximum no maximum no maximum no maximum
Block Size (bitrate r) 1152 1088 832 576
Word Size 64 64 64 64
Number of Rounds 24 24 24 24
Capacity c 448 512 768 1024
Collision Resistance 2112 2128 2192 2256
Second Preimage Resistance 2224 2256 2384 2512
Note: All sizes and security levels—are measured in bits.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.16 SHA-3 State Matrix
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
SHA-3 Iteration Function f
Figure 11.17 SHA-3 Iteration
Function f
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.6 Step Functions in SHA-3
Function Type Description
θ Substitution New value of each bit in each word depends on its
current value and on one bit in each word of
preceding column and one bit of each word in
succeeding column.
ρ Permutation The bits of each word are permuted using a
circular bit shift. W[0, 0] is not affected.
π Permutation Words are permuted in the 5 × 5 matrix. W[0, 0] is
not affected.
x Substitution New value of each bit in each word depends on its
current value and on one bit in next word in the
same row and one bit in the second next word in
the same row.
ι Substitution W[0, 0] is updated by XOR with a round constant.
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.18 Theta and Chi Step
Functions
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.7 Rotation Values Used in SHA-3 (1 of 2)
(a) Calculation of values and positions
t g(t) g (t) mod 64 x, y
0 1 1 1, 0
1 3 3 0, 2
2 6 6 2, 1
3 10 10 1, 2
4 15 15 2, 3
5 21 21 3, 3
6 28 28 3, 0
7 36 36 0, 1
8 45 45 1, 3
9 55 55 3, 1
10 66 2 1, 4
11 78 14 4, 4
t g(t) g (t) mod 64 x, y
12 91 27 4, 0
13 105 41 0, 3
14 120 56 3, 4
15 136 8 4, 3
16 153 25 3, 2
17 171 43 2, 2
18 190 62 2, 0
19 210 18 0, 4
20 231 39 4, 2
21 253 61 2, 4
22 276 20 4, 1
23 300 44 1, 1
: ( ) = ( + 1)( + 2)/2
0 1 1 mod 5
2 3 0
t
Note g t t t
x
y
=
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.7 Rotation Values Used in SHA-3 (2 of 2)
(b) Rotation values by word position in matrix
Blank x = 0 x = 1 x = 2 x = 3 x = 4
y = 4 18 2 61 56 14
y = 3 41 45 15 21 8
y = 2 3 10 43 25 39
y = 1 36 44 6 55 20
y = 0 0 1 62 28 27
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Figure 11.19 Pi Step Function
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Table 11.8 Round Constants in SHA-3
Round Constant
(hexadecimal)
Number
of 1 bits
0 0000000000000001 1
1 0000000000008082 3
2 800000000000808A 5
3 8000000080008000 3
4 000000000000808B 5
5 0000000080000001 2
6 8000000080008081 5
7 8000000000008009 4
8 000000000000008A 3
9 0000000000000088 2
10 0000000080008009 4
11 000000008000000A 3
Round Constant
(hexadecimal)
Number
of 1 bits
12 000000008000808B 6
13 800000000000008B 5
14 8000000000008089 5
15 8000000000008003 4
16 8000000000008002 3
17 8000000000000080 2
18 000000000000800A 3
19 800000008000000A 4
20 8000000080008081 5
21 8000000000008080 3
22 0000000080000001 2
23 8000000080008008 4
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Summary
• Summarize the applications of cryptographic hash functions
• Explain why a hash function used for message authentication needs to
be secured
• Understand the operation of SHA-512
• Understand the differences among preimage resistant, second
preimage resistant, and collision resistant properties
• Present an overview of the basic structure of cryptographic hash
functions
• Describe how cipherblock chaining can be used to construct a hash
function
Copyright © 2020 Pearson Education, Inc. All Rights Reserved.
Copyright
This work is protected by United States copyright laws and is
provided solely for the use of instructors in teaching their
courses and assessing student learning. Dissemination or sale of
any part of this work (including on the World Wide Web) will
destroy the integrity of the work and is not permitted. The work
and materials from it should never be made available to students
except by instructors using the accompanying text in their
classes. All recipients of this work are expected to abide by these
restrictions and to honor the intended pedagogical purposes and
the needs of other instructors who rely on these materials.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.