

































Message digest algorithm, hash function; SHA is the advanced version of MD5
Cryptography and Network Security
nd edition by William Stallings and the “Cryptography: Theory and Practice” by Douglas Stinson. You may not modify, publish, or sell, reproduce, create derivative works from, distribute, perform, display, or in any way exploit any of the content, in whole or in part, except as otherwise expressly permitted by the author. The author has used his best efforts in preparing this lecture note. The author makes no warranty of any kind, expressed or implied, with regard to the programs, protocols contained in this lecture note. The author shall not be liable in any event for incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of these.

- Be applied to a block of data of any size
- Produce a fixed-length output
- H(x) is easy to compute (by hardware, software)
- One-way: given code h, it is computationally infeasible to find x such that H(x) = h
- Weak collision resistance: given x, computationally infeasible to find y so H(x) = H(y)
- Strong collision resistance: computationally infeasible to find x, y so H(x) = H(y)

- increasing power of brute-force attacks
- leading to evolution in algorithms
  - from DES to AES in block ciphers
  - from MD4 & MD5 to SHA-1 & RIPEMD-160 in hash algorithms

Such that they have the same hash code
- Give good message to A to get signature
- Replace good message with fraud message

How many message variations are needed so that the success probability is large, say 90%?

- Rabin, 1978
- Divide message M into fixed-size blocks $M_i$
- Assume total n data blocks
  - $H_0$ = initial value
  - $H_i = E_{M_i}[H_{i-1}]$
- $H_n$ is the hash value

If still 64-bits code used

- Known signed hash code G
- Construct n-2 desired message blocks $Q_i$
- Compute $H_i = E_{Q_i}[H_{i-1}]$
- Generate $2^{m/2}$ random blocks X
- For each X, compute $H_{n-1} = E_X[H_{n-2}]$
- Generate $2^{m/2}$ random blocks Y
- For each Y, compute $H'_{n-1} = D_Y[G]$
- Find X, Y such that $H_{n-1} = H'_{n-1}$
- Then $Q_1, Q_2, \ldots, Q_{n-2}, X, Y$ is a fraud message
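
An added example (not part of the lecture notes) that runs the chained block-cipher hash and the meet-in-the-middle search above on a toy cipher with m = 16, to show why an m-bit hash of this form gives only about m/2 bits of resistance and a longer hash code is needed. The 4-round Feistel cipher, the block values and the search budget are constructed for illustration; the search uses a few times 2^(m/2) candidate blocks so that a match is all but certain.

```python
import hashlib

M_BITS = 16               # toy block/hash size m (assumption for the demo)
HALF = M_BITS // 2
MASK = (1 << HALF) - 1
H0 = 0x0000               # initial value H_0 (constructed)

def _f(key: int, rnd: int, half: int) -> int:
    """Round function of the toy Feistel cipher: one byte of keyed BLAKE2b."""
    data = key.to_bytes(4, "big") + bytes([rnd, half])
    return hashlib.blake2b(data, digest_size=1).digest()[0]

def encrypt(key: int, block: int) -> int:
    """E_key[block]: 4-round Feistel permutation on 16-bit blocks."""
    l, r = block >> HALF, block & MASK
    for rnd in range(4):
        l, r = r, l ^ _f(key, rnd, r)
    return (l << HALF) | r

def decrypt(key: int, block: int) -> int:
    """D_key[block]: inverse of encrypt(), rounds applied in reverse."""
    l, r = block >> HALF, block & MASK
    for rnd in reversed(range(4)):
        l, r = r ^ _f(key, rnd, l), l
    return (l << HALF) | r

def rabin_hash(blocks, h=H0):
    """H_i = E_{M_i}[H_{i-1}]; the final H_n is the hash value."""
    for m in blocks:
        h = encrypt(m, h)
    return h

def meet_in_the_middle(g, prefix, budget=4 << HALF):
    """Find X, Y with E_X[H_{n-2}] == D_Y[G]; return prefix + [X, Y] or None."""
    h = rabin_hash(prefix)                         # H_{n-2}
    forward = {encrypt(x, h): x for x in range(budget)}   # 4 * 2^(m/2) X blocks
    for y in range(budget, 16 * budget):           # Y blocks, disjoint from X
        mid = decrypt(y, g)                        # H'_{n-1}
        if mid in forward:
            return prefix + [forward[mid], y]
    return None

signed = [0x1111, 0x2222, 0x3333, 0x4444]          # constructed "good" message
G = rabin_hash(signed)                             # hash code that was signed
forged = meet_in_the_middle(G, [0xDEAD, 0xBEEF])   # constructed Q_1, Q_2
```

The work is a few thousand cipher calls instead of the roughly 2^16 a direct preimage search would need; at m = 64 the same ratio is what made 64-bit hash codes inadequate.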

- Message Digest: MD5 (was most widely used)
- Secure Hash Algorithm: SHA-1 (from MD4)
- RIPEMD-160
- HMAC

in recent times have both brute-force & cryptanalytic concerns

- note this updates 1 word only of the buffer
- after 16 steps each word is updated 4 times

- collision resistant (hard to find collisions)
- direct security (no dependence on "hard" problems)
- fast, simple, compact
- favours little-endian systems (eg PCs)

- Berson 92 attacked any 1 round using differential cryptanalysis (but can’t extend)
- Boer & Bosselaers 93 found a pseudo collision (again unable to extend)
- Dobbertin 96 created collisions on MD compression function (but initial constants prevent exploit)