Case Study On Hash Functions

CASE STUDY ON HASH FUNCTIONS
PRESENTED BY:
MY.SC.U3BCA18007KARTHIK M
MY.SC.U3BCA18022KARTHIK R BHAT
MY.SC.U3BCA18049SANTHOSH KUMAR M S
MY.SC.U3BCA18058CHINMAYA HEGDE
INTRODUCTION
• A cryptographic hash functions are used to achieve a number of security

objectives. It has huge role in making a system secure.
• Cryptographic system uses two tools i.e., Random generators and One-way
functions.
• One-way functions are a huge family of functions used for confidentiality,

authentication, integrity and non-repudiation
CLASSIFICATION OF CRYPTOGRAPHIC SYSTEM
1) Unconditional security
It means that if the attacker has the plaintext and the cipher text, its of no use to cryptanalyze it and these values are
independent random variables.
2) Provable security
Cryptographic systems are provably secure if the fact to break it is as difficult as to break a generic basic hard
problems.
3) Computational security
Most of the cryptographic systems are in this category. It means that the potential attackers don’t have the sufficient
amount of resources to break it.
NEED FOR ONE-WAY FUNCTIONS
• Confidentiality is one of the ’must have’ features of cryptographic systems.
• We need functions that transform the message to make it unreadable, and, if somebody
hears’ the message, should not able to understand or interpret it.
• This means that we need functions that can be computed one way but not the inverse:
One-way functions.
• Cryptography needs one way functions because of the main property of being hard to
compute the inverse of the function.
• We have to be very careful with because it involves mathematical issues which are not
fully solved or known.
HARD PROBLEMS
• There are the problems that can be solved in polynomial time (or sub-exponential), it
means, that the time it would take to solve them is known, and this time grows in a
polynomial way as the problem becomes more complicated (called P problems).
• And there are the other problems, called NP that are problems whose solutions can be
checked in polynomial time.
• In order to solve the big question P = NP? We should find a NP complete problem that
can be solved in polynomial time.
• Then we would be able to reduce all other NP problems to our solution and solve them.
HASH FUNCTIONS
A hash function is a function of the form:

h(x) = y where, x ∈ Z and y ∈ Zn
• The calculation is easy and fast

• The output of the functions is usually smaller than the input (Zn)
• The input can be any size while the output is usually of a fixed size
The result of the hash function is also called the digest

PROPERTIES OF HASH FUNCTIONS
1. Non-reversibility or one-way function
A good hash should make it very hard to reconstruct the original password from the output or hash
2. Diffusion or Avalanche effect

A change in just one bit of the original password should result in change to half the bits of its hash
3. Determinism
A given password must always generate the same hash value or enciphered text
4. Collision resistance
It should be hard to find two different passwords that hash to the same enciphered text
5. Non-predictable
The hash value should not be predictable from the password
VARIATIONS IN HASH FUNCTIONS
1) Salted hashes
Salting adds random data to each plaintext credential. The result: two identical plaintext passwords are now
differentiated in enciphered text form so that duplicates cannot be detected.
2) Keyed hash functions

A keyed hash function (HMAC) is an algorithm that uses a cryptographic key AND a cryptographic hash
function to produce a message authentication code that is keyed and hashed.
3) Adaptive hash functions

An adaptive one-way function is any function that is designed to iterate on its inner workings, feeding the
output back as input, in a manner that causes it to–ultimately–take longer to execute.
CLASSIFICATION OF HASH FUNCTIONS
Here,
MAC – Message Authentication Code
MDC – Modification Detection Code

OWHF – One-Way Hash Functions
CRHF – Collision Resistant Hash Functions
Modification Detection Code (MDC)
A MDC is a message digest that can prove the integrity of the message
that message that it has not been changed.
Example: If Alice needs to send a message to bob, he can create a message digest,
MDC and send both the message and MDC to Bob.
Bob can create a new MDC from the message and compare the received message
and new MDC, If they are same, the message is not changes.
Message Authentication Code (MAC)
MAC involves the use of a secret key to generate a small fixed size block of data
that is appended to message
• It assumes that the two communicating parties A and B share a common secret
key K
• When A send message to B it calculates the MAC of the message and the key,
MAC = C (K, M)
Where,
M= Input message, K= Secret Key, C= MAC function
• The Message + MAC are transmitted to receiver
• The receiver performs calculation on received
• The received MAC is compared to calculated
Working of Hash Functions
Hash function or Hash algorithm creates a unique digital fingerprint of

data i.e. message digest or hash.
Hash Algorithm has 3 basic characteristics
• Secure – Non reversible function
• Fixed Size – Size is fixed to the digest
• Unique – Cannot be same
Working of SHA - 256
SHA-256 is a hash function with digest length of 256 bits.
1) Boolean Operations
• Boolean operations AND, XOR and OR, denoted by ∧, ⊕ and ∨, respectively
• Bitwise complement, denoted by ~
• Integer addition modulo 232, denoted by A + B
• RotR(A, n) denotes the circular right shift of n bits of binary word A
• ShR(A, n) denotes the right shift of n bits of the binary word A
• AkB denotes the concatenation of the binary words A and B
2) Functions and constants
The algorithm uses the functions,
• Ch(X, Y, Z) = (X ∧ Y ) ⊕ (X ∧ Z)
• Maj(X, Y, Z) = (X ∧ Y ) ⊕ (X ∧ Z) ⊕ (Y ∧ Z)
• Σ0(X) = RotR(X, 2) ⊕ RotR(X, 13) ⊕ RotR(X, 22)
• σ0(X) = RotR(X, 7) ⊕ RotR(X, 18) ⊕ ShR(X, 3)
3) Padding
4) Block Decomposition
5) Hash Computation
6) Implementation
EXAMPLE OF SECURE HASH ALGORITHM (SHA-256)
POSSIBLE ATTACKS ON HASH FUNCTIONS
1) Weak collision resistance

The problem is that given a digest and the message that produced it, find another message that will produce the
same digest. We will try to compute the number of times we should try, to have a good probability to find the
answer to the problem. Good probability will be given by a probability of 0.5.
2) Birthday paradox
It’s a simple principle that comes from a simple problem. How many people have to be in a room, to have a
probability bigger than 0.5 that two persons have been born the same day? The calculation, after some
mathematic work, gives us the formula:
m = √2 (ln2) n ≅ 1.17√n
where n is the number of results in the image (for the birthday paradox, n would be 365). And m would be the
number of persons we need. This gives us m = 22.3. So, if we have 23 people in a room there is a good chance
that we find two born the same day.
3) Boomerang attack
• The boomerang attack is a chosen plaintext and adaptive chosen

ciphertext attack discovered by Wagner.
• The attack may use characteristics, differentials, as well
as truncated differentials.
• The attack breaks constructions in which there are high-
probability differential patterns propagating halfway through the
cipher both from the top and from the bottom, but there are no
good patterns that propagate through the full cipher.
APPLICATIONS OF HASH FUNCTIONS
• Digital signatures
These are used for signing a document with the good properties that the signer can tell when something has not
been signed by him AND that he can not deny his signature in a signed document.
• Virus checking
To know if a file has been infected with a virus means to know if it has been, we can use the digest of the
unmodified and safe file to compare it to the digest of the possible infected file. If it turns that both digest are
equal then we can say that the file has not been modified, then that it is virus-free.
• Secure Socket Layer connections
Secure Socket Layer (SSL) provides server authentication to clients. It’s the facto standard for communication
on the Internet. During the SSL handshake once the parts have negotiated the protocol, these have to select also
the hash methods to use for authentication.
• Password tables
A common method of client authentication is to require the client to present a password previously registered
with the server. Storing passwords of all users on the server poses an obvious security risk.

Case Study On Hash Functions

Uploaded by

Copyright:

Available Formats

Case Study On Hash Functions

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Case Study On Hash Functions

Uploaded by

Copyright:

Available Formats

CASE STUDY ON HASH FUNCTIONS

• A cryptographic hash functions are used to achieve a number of security

• One-way functions are a huge family of functions used for confidentiality,

A hash function is a function of the form:

• The calculation is easy and fast

The result of the hash function is also called the digest

2. Diffusion or Avalanche effect

2) Keyed hash functions

3) Adaptive hash functions

MDC – Modification Detection Code

Hash function or Hash algorithm creates a unique digital fingerprint of

1) Weak collision resistance

• The boomerang attack is a chosen plaintext and adaptive chosen

You might also like