Cryptographic Hash Functions and Message Authentication Codes
-
Upload
jamesprice -
Category
Documents
-
view
219 -
download
4
Transcript of Cryptographic Hash Functions and Message Authentication Codes
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
Cryptographic Hash Functions and Message Authentication Codes.
James R. Price
Grantham University
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
What is message authentication?
According to Bellare ( n.d. ), Message authentication allows one party—the sender—to
send a message to another party—the receiver—in such a way that if the message is
modified en route, then the receiver will almost certainly detect this. The goal of
message authentication is to ensure a message is coming from the correct sender and the
message has not been modified in transit.
Three alternative functions for authentication
Message Encryption
When dealing with databases and transmitted files, we often want
both confidentiality and data integrity. We want our records to be kept private and
unchanged in transit when being sent as a message. Authenticated message encryption is
the method we use to ensure this takes place. The idea of data encryption is, a one-way
function is easy to compute, but is hard to reverse.
Message Authentication Codes
A Message Authentication Code (MAC) is a fixed length identification
"fingerprint" of a variable sized message. A MAC is known as a cryptographic checksum
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
or as an authentication tag. A MAC can be produced by appending a secret key to the
message and then hashing the composite message. The resulting hash code is the MAC.
Hash Function.
A hash function, like a MAC, takes a variable sized input message and produces a
fixed-sized output. The output is usually referred to as the hash code, or the hash value,
or the message digest. A hashing message is used to authenticate the integrity of the sent
message.
Role of a compression function in a hash function
According to Damgard. (1990), A compression function takes a fixed length input
and returns a shorter, fixed-length output. Then a hash function can be defined by means
of repeated applications of the compression function until the entire message has been
processed. In this process, a message of arbitrary length is broken into blocks of a certain
length which depends on the compression function, and "padded" (for security reasons)
so that the size of the message is a multiple of the block size. The blocks are then
processed sequentially, taking as input the result of the hash so far and the current
message block, with the final output being the hash value for the message.
Classical applications of hash functions
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
Some common Hashing algorithms include: MD-5, SHA-1, and the SHA-2 family
of hashing algorithms. The hash code provides data integrity and the encryption provides
confidentiality. In a symmetric-key encryption based scheme, the message and its hash
code are concatenated together to form a composite message that is then encrypted and
placed on the wire. The receiver decrypts the message and separates out its hash code,
which is then compared with the hash code calculated from the received message. An
efficient scheme variation can be used when confidentiality is not the issue but message
authentication is critical. In the variation only the hash code is encrypted. Only the
receiver with access to the secret key knows the real hash code for the message. So the
receiver can verify whether or not the message is authentic. In a public key encryption
application, the hash code of the message is encrypted with the sender’s private key. The
receiver can recover the hash code with the sender’s public key and authenticate the
message as indeed coming from the proper sender.
Difference between message authentication code and a one-way hash function.
The big difference between a message authentication code and a one-way hash
function is, while hashes are used to guarantee the integrity of data, a MAC guarantees
integrity and authentication. The message digest from a hash function is generated from
the message itself, without any external input. Therefore, it cannot be used for
authentication of the user, just data integrity.
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
Characteristics needed in a secure hash function
For a hash function to be called secure, the following two conditions need to be
satisfied: It needs to be computationally infeasible to find a message that corresponds to a
given hash code and it needs to be computationally infeasible to find two different
messages that hash to the same hash code value. This is also referred to as the strong
collision resistance property of a hash function.
How a hash value can be secured so as to provide message authentication.
Message digests can be digitally signed using public key signature schemes. This
is effective at providing message authentication because, the private-key is used to create
digital signatures, and the public-key verifies signatures. Only the owner of the private-
key can create the digital signature, meaning it can be used to verify who created a
message. Anyone who knows the public key can verify the signature. Just the hash
portion of the message needs to be signed.
Digital signature VS. MAC
MAC differs from digital signatures in the sense that, in MAC values are both
generated and verified using a shared secret key. With a digital signature, the signatures
are generated with one key, and are verified with another.
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
Hash functions that are not collision resistant can become subject to a birthday
attack. This depends on the higher likelihood of collisions found between random attack
attempts and a fixed degree of permutations, as described in the birthday paradox.
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION
References
Bellare, M. ( n.d. ) Retrieved from http://cseweb.ucsd.edu/~mihir/cse207/w-mac.pdf
Damgard. (1990) A design principle for hash functions. In Advances in Cryptology -
Crypto '89, pages 416-427, Springer-Verlag.
Kak, A (2013). Lecture 15: Hashing for Message Authentication. Purdue. Retrieved from
https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture15.pdf
Stallings, W (2014). Cryptography and Network Security Principles and Practice.
Pearson Education