Cryptographic Hash Functions and Message Authentication Codes

9
CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION Cryptographic Hash Functions and Message Authentication Codes. James R. Price Grantham University

Transcript of Cryptographic Hash Functions and Message Authentication Codes

Page 1: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

Cryptographic Hash Functions and Message Authentication Codes.

James R. Price

Grantham University

Page 2: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

What is message authentication?

According to Bellare ( n.d. ), Message authentication allows one party—the sender—to

send a message to another party—the receiver—in such a way that if the message is

modified en route, then the receiver will almost certainly detect this. The goal of

message authentication is to ensure a message is coming from the correct sender and the

message has not been modified in transit.

Three alternative functions for authentication

Message Encryption

When dealing with databases and transmitted files, we often want

both confidentiality and data integrity. We want our records to be kept private and

unchanged in transit when being sent as a message. Authenticated message encryption is

the method we use to ensure this takes place. The idea of data encryption is, a one-way

function is easy to compute, but is hard to reverse.

Message Authentication Codes

A Message Authentication Code (MAC) is a fixed length identification

"fingerprint" of a variable sized message. A MAC is known as a cryptographic checksum

Page 3: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

or as an authentication tag. A MAC can be produced by appending a secret key to the

message and then hashing the composite message. The resulting hash code is the MAC.

Hash Function. 

A hash function, like a MAC, takes a variable sized input message and produces a

fixed-sized output. The output is usually referred to as the hash code, or the hash value,

or the message digest. A hashing message is used to authenticate the integrity of the sent

message.

Role of a compression function in a hash function

According to Damgard. (1990), A compression function takes a fixed length input

and returns a shorter, fixed-length output. Then a hash function can be defined by means

of repeated applications of the compression function until the entire message has been

processed. In this process, a message of arbitrary length is broken into blocks of a certain

length which depends on the compression function, and "padded" (for security reasons)

so that the size of the message is a multiple of the block size. The blocks are then

processed sequentially, taking as input the result of the hash so far and the current

message block, with the final output being the hash value for the message.

Classical applications of hash functions

Page 4: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

Some common Hashing algorithms include: MD-5, SHA-1, and the SHA-2 family

of hashing algorithms. The hash code provides data integrity and the encryption provides

confidentiality. In a symmetric-key encryption based scheme, the message and its hash

code are concatenated together to form a composite message that is then encrypted and

placed on the wire. The receiver decrypts the message and separates out its hash code,

which is then compared with the hash code calculated from the received message. An

efficient scheme variation can be used when confidentiality is not the issue but message

authentication is critical. In the variation only the hash code is encrypted. Only the

receiver with access to the secret key knows the real hash code for the message. So the

receiver can verify whether or not the message is authentic. In a public key encryption

application, the hash code of the message is encrypted with the sender’s private key. The

receiver can recover the hash code with the sender’s public key and authenticate the

message as indeed coming from the proper sender.

Difference between message authentication code and a one-way hash function. 

The big difference between a message authentication code and a one-way hash

function is, while hashes are used to guarantee the integrity of data, a MAC guarantees

integrity and authentication. The message digest from a hash function is generated from

the message itself, without any external input. Therefore, it cannot be used for

authentication of the user, just data integrity.

Page 5: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

Characteristics needed in a secure hash function

For a hash function to be called secure, the following two conditions need to be

satisfied: It needs to be computationally infeasible to find a message that corresponds to a

given hash code and it needs to be computationally infeasible to find two different

messages that hash to the same hash code value. This is also referred to as the strong

collision resistance property of a hash function.

How a hash value can be secured so as to provide message authentication.

Message digests can be digitally signed using public key signature schemes. This

is effective at providing message authentication because, the private-key is used to create

digital signatures, and the public-key verifies signatures. Only the owner of the private-

key can create the digital signature, meaning it can be used to verify who created a

message. Anyone who knows the public key can verify the signature. Just the hash

portion of the message needs to be signed.

Digital signature VS. MAC

MAC differs from digital signatures in the sense that, in MAC values are both

generated and verified using a shared secret key. With a digital signature, the signatures

are generated with one key, and are verified with another.

Page 6: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

Hash functions that are not collision resistant can become subject to a birthday

attack. This depends on the higher likelihood of collisions found between random attack

attempts and a fixed degree of permutations, as described in the birthday paradox.

Page 7: Cryptographic Hash Functions and Message Authentication Codes

CRYPTOGRAPHIC HASH FUNCTIONS AND MESSAGE AUTHENTICATION

References

Bellare, M. ( n.d. ) Retrieved from http://cseweb.ucsd.edu/~mihir/cse207/w-mac.pdf

Damgard. (1990) A design principle for hash functions. In Advances in Cryptology -

Crypto '89, pages 416-427, Springer-Verlag.

Kak, A (2013). Lecture 15: Hashing for Message Authentication. Purdue. Retrieved from

https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture15.pdf

Stallings, W (2014). Cryptography and Network Security Principles and Practice.

Pearson Education