DOCSLIB.ORG

Random Processes

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Random Processes Computer Security(CP24158) Public-Key Cryptography and Message Authentication (RSA) 부산대학교 공과대학 정보컴퓨터공학부 Learning Objectives Discuss Technical Detail Concerning: . Secure Hash Functions and HMAC . RSA & Diffie-Hellman Public-Key Algorithms 2 Simple Hash Functions Purpose is to produce a “fingerprint” of a file, message, or other block of data A one-way or secure hash function used in message authentication, digital signatures Accepts a variable-size message M as input and produces a fixed- size message digest H(M) as output in an iterative fashion One of simplest hash functions is the bit-by-bit exclusive-OR (XOR) of each block Ci = bi1 bi2 . bim . Effective data integrity check on random data . Less effective on more predictable data 3 Cryptograph Hash Function A cryptographic hash function takes a message of arbitrary length and creates a message digest of fixed length. There are two most promising cryptographic hash algorithms - SHA-512 and Whirlpool. Iterated Cryptographic Hash Function . The best way to create such function is using iteration, and used a necessary number of times. A compression function transforms one large fixed-length input into a shorter, fixed-length output. • Compresses an n-bit string to create an m-bit string, where n > m. The design of a compression function must be collision resistant. 4 Cryptograph Hash Function Properties of Secure Hash • H can be applied to a block of data of any size. 1. Functions . To be useful for • H produces a fixed-length output. message 2. authentication, • H(x) is relatively easy to compute for any given x, making both hardware and a hash function 3. software implementations practical. H must have the following • For any given code h, it is computationally infeasible to find x such that H(x) properties: = h. A hash function with this property is referred to as one-way or 4. preimage resistant. • For any given block x, it is computationally infeasible to find y≠x with H(y) = H(x). A hash function with this property is referred to as weak collision 5. resistant. • It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). • A hash function with this property is referred to as collision resistant or strong 6. collision resistant. 5 Cryptograph Hash Function Two Groups of Compression Functions . The compression function is made from scratch. A symmetric-key block cipher serves as a compression function. Groups of Compression Functions Hash Functions Hash Functions Made from Based on Block Scratch Ciphers Message Digest Secure Hash Matyas-Meyer Miyaguchi- Rabin Scheme (MD) Algorithms (SHA) Oseas Scheme Preneel Scheme • MD5: Divides message into blocks of 512 bits, and creates a 128-bit digest. – The digest size of 128-bit is too small to resist collision attack. 6 Iterated Cryptographic Hash Function Merkle-Damagard Scheme Rabin Scheme 7 Iterated Cryptographic Hash Function Matyas-Meyer-Oseas Scheme Miyaguchi-Preneel Scheme 8 SHA Secure Hash Algorithms (SHAs) . Originally developed by NIST/NSA in 1993 . Was revised in 1995 as SHA-1 • US standard for use with DSA(digital signature algorithm) signature scheme • standard is FIPS 180-1 1995, also Internet RFC3174 • produces 160-bit hash values . NIST issued revised FIPS 180-2 in 2002 • adds 3 additional versions of SHA • SHA-256, SHA-384, SHA-512 • with 256/384/512-bit hash values • same basic structure as SHA-1 but greater security NIST phased out SHA-1 use Characteristics of SHAs 9 SHA-512 Structure SHA-512 creates a 512-bit message digest out of a message less than 2128. SHA-512 is based on the Merkle-Damgard scheme. Compression function in SHA-512 . Values of constants in message digest Initialization of SHA-512 10 SHA-512 Structure Padding and Length Field in SHA-512 . What is the number of padding bits if the length of the original message is 2590 bits? • The padding consists of one 1 followed by 353 0’s. A message block and the digest as words Word expansion in SHA-512 11 SHA-512 Structure Word Expansion in SHA-512 . How W60 is made • Each word in the range W16 to W79 is made from four previously-made words. • W60 is made as 12 SHA-512 Structure Structure of Each Round in Eighty constant, K0 to K79, used for SHA-512 eight rounds in SHA-512 13 Other Secure Hash Functions Most based on iterated hash function design . If compression function is collision resistant, so is resultant iterated hash function MD5 (RFC1321) . was a widely used hash developed by Ron Rivest . produces 128-bit hash, now too small . also have cryptanalytic concerns Whirlpool (NESSIE endorsed hash) . developed by Vincent Rijmen & Paulo Barreto . an iterated cryptographic hash function, based on the Miyaguchi-Preneel scheme, that uses AES derived W block cipher in place of the compression function. produces 512-bit hash 14 Whirlpool Whirlpool hash function General idea of the Whirlpool cipher 15 Whirlpool 16 HMAC Interest a MAC using a cryptographic hash . Due to speed and code availability Must incorporate key into use of hash algorithm HMAC (RFC2104) widely supported . used in IPsec, TLS & SET HMAC treats hash as “black box” HMAC proven secure if embedded hash function has reasonable cryptographic strength 17 Nested Message Authentication Code (MAC) Message Authentication Code . The security of a MAC depends on the security of the underlying hash algorithm Nested MAC 18 HMAC Structure Details of HMAC Details of CMAC 19 Security of HMAC Security based on underlying hash strength Either attacker computes output even with random secret IV . Brute force key O(2n), or use birthday attack Or attacker finds collisions in hash function even when IV is random and secret . i.e. find M and M‘’ such that H(M) = H(M‘’) . birthday attack O(2n/2) • A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. (from wikipedia) – The attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutation. – With a birthday attack, it is possible to find a collision of a hash function in 2n/2 being the classical preimage resistance security. 20 Key Management: Diffie-Hellman Key Exchange First published public-key algorithm A number of commercial products employ this key exchange technique Purpose of the algorithm is to enable two users to exchange a secret key securely that then can be used for subsequent encryption of messages . The algorithm itself is limited to the exchange of the keys Depends for its effectiveness on the difficulty of computing discrete logarithms 21 Key Management: Diffie-Hellman Key Exchange A Key Exchange Protocol . provide a secure way for two communicating party to share a symmetric key (so called a session key) . This session key is then used to provide privacy and authentication for subsequent message flow. History: problem first posed by Merkle at UC Berkeley, Diffie and Hellman came up with the protocol: Alice Bob a<p b<p ga mod p gb mod p Shared Session Key = gab mod p • W. Diffie, M. E. Hellman, “New directions in Cryptography”, IEEE Trans. Information Theory, IT-22, pp. 64-654, Nov 1976. 22 Key Management: Diffie-Hellman Key Exchange Example . Let us give a trivial example to make the procedure clear. Our example uses small numbers, but note that in a real situation, the numbers are very large. Assume that g = 7 and p = 23. The steps are as follows: 1. Alice chooses x = 3 and calculates R1 = 7^3 mod 23 = 21. 2. Bob chooses y = 6 and calculates R2 = 7^6 mod 23 = 4. 3. Alice sends the number 21 to Bob. 4. Bob sends the number 4 to Alice. 5. Alice calculates the symmetric key K = 4^3 mod 23 = 18. 6. Bob calculates the symmetric key K = 21^6 mod 23 = 18. 7. The value of K is the same for both Alice and Bob; gxy mod p = 7^(18) mod 35 = 18. 23 Security of Diffie-Hellman Man-in-the-middle (MITM) attack 24 RSA Public-Key Encryption By Rivest, Shamir & Adleman of MIT in 1977 Best known & widely used public-key algorithm Uses exponentiation of integers modulo a prime ∗ It works in group 푍푛 Based on the assumed one-way property of modular powering Public-key encryption algorithm with . Public key PU = {e, n} & private key PR = {d, n}. Encrypt: C = Me mod n easy . Decrypt: M = Cd mod n = (Me)d mod n = M hard . Both sender and receiver know values of n and e . Only receiver knows value of d 25 RSA Public-Key Encryption Complexity of operations in RSA Encryption, decryption, and key generation in RSA 26 RSA Public-Key Encryption Two Algebraic Structures R = <Z , +, × > . Encryption/Decryption Ring: n × . Key-Generation Group: G = <Z f(n)∗, > Proof of RSA . Looking for a trapdoor: (xe)d mod n = x • If d is a number such that ed=1 mod f(n), then ed=kf(n)+1 for some k, and . Because of Euler's Theorem: • aø(n)mod N = 1 – where gcd(a, N)=1 • In RSA have: – N=p.q, ø(N)=(p-1)(q-1) – carefully chosen e & d to be inverses mod ø(N) – Hence, e·d=1+k.ø(N) for some k • Hence : Cd = (Me)d = M1+k.ø(N) = M1.(Mø(N))q = M1.(1)q = M1 = M mod N 27 RSA Public-Key Encryption RSA Key Setup . Each user generates a public/private key pair by: • selecting two large primes at random - p, q • computing their system modulus N=p·q – note ø(N)=(p-1)(q-1) • selecting at random the encryption key e – where 1<e<ø(N), gcd(e, ø(N))=1 • solving following equation to find decryption key d – e·d=1 mod ø(N) and 0≤d≤N .
Load more

Recommended publications
  • Hello, and Welcome to This Presentation of the STM32MP1 Hash Processor
    Hello, and welcome to this presentation of the STM32MP1 hash processor. 1 Hash peripheral is in charge of efficient computing of message digest. A digest is a fixed-length value computed from an input message. A digest is unique - it is virtually impossible to find two messages with the same digest. The original message cannot be retrieved from its digest. Hash digests and Hash-based Message Authentication Code (HMAC) are widely used in communication since they are used to guarantee the integrity and authentication of a transfer. 2 HASH1 is a secure peripheral (under ETZPC control through ETZPC_DECPROT0 bit 8) while HASH2 is a non secure peripheral. HASH1 instance can be allocated to: • The Arm® Cortex®-A7 secure core to be controlled in OP-TEE by the HASH OP-TEE driver or • The Arm® Cortex® -A7 non-secure core for using in Linux® with Linux Crypto framework HASH2 instance can be allocated to the Arm® Cortex®-M4 core to be controlled in the STM32Cube MPU Package using the STM32Cube HASH driver. HASH1 instance is used as boot device to support binary authentication. 3 The hash processor supports widely used hash functions including Message Digest 5 (MD5), Secure Hash Algorithm SHA-1 and the more recent SHA-2 with its 224- and 256-bit digest length versions. A hash can also be generated with a secrete-key to produce a message authentication code (MAC). The processor supports bit, byte and half-word swapping. It supports also automatic padding of input data for block alignment. The processor can be used in conjunction with the DMA for automatic processor feeding.
    [Show full text]
  • Downloaded on 2017-02-12T13:16:07Z HARDWARE DESIGNOF CRYPTOGRAPHIC ACCELERATORS
    Title Hardware design of cryptographic accelerators Author(s) Baldwin, Brian John Publication date 2013 Original citation Baldwin, B.J., 2013. Hardware design of cryptographic accelerators. PhD Thesis, University College Cork. Type of publication Doctoral thesis Rights © 2013. Brian J. Baldwin http://creativecommons.org/licenses/by-nc-nd/3.0/ Embargo information No embargo required Item downloaded http://hdl.handle.net/10468/1112 from Downloaded on 2017-02-12T13:16:07Z HARDWARE DESIGN OF CRYPTOGRAPHIC ACCELERATORS by BRIAN BALDWIN Thesis submitted for the degree of PHD from the Department of Electrical Engineering National University of Ireland University College, Cork, Ireland May 7, 2013 Supervisor: Dr. William P. Marnane “What I cannot create, I do not understand” - Richard Feynman; on his blackboard at time of death in 1988. Contents 1 Introduction 1 1.1 Motivation...................................... 1 1.2 ThesisAims..................................... 3 1.3 ThesisOutline................................... 6 2 Background 9 2.1 Introduction.................................... 9 2.2 IntroductiontoCryptography. ...... 10 2.3 MathematicalBackground . ... 13 2.3.1 Groups ................................... 13 2.3.2 Rings .................................... 14 2.3.3 Fields.................................... 15 2.3.4 FiniteFields ................................ 16 2.4 EllipticCurves .................................. 17 2.4.1 TheGroupLaw............................... 18 2.4.2 EllipticCurvesoverPrimeFields . .... 19 2.5 CryptographicPrimitives&Protocols
    [Show full text]
  • Recommendation for Applications Using Approved Hash Algorithms
    Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-107 Title: Recommendation for Applications Using Approved Hash Algorithms Publication Date(s): February 2009 Withdrawal Date: August 2012 Withdrawal Note: SP 800-107 is superseded in its entirety by the publication of SP 800-107 Revision 1 (August 2012). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-107 Revision 1 Title: Recommendation for Applications Using Approved Hash Algorithms Author(s): Quynh Dang Publication Date(s): August 2012 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.107r1 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-107 Rev. 1 (as of August 12, 2015) attached publication: Related information: http://csrc.nist.gov/ Withdrawal N/A announcement (link): Date updated: ƵŐƵƐƚϭϮ, 2015 NIST Special Publication 800-107 Recommendation for Applications Using Approved Hash Algorithms Quynh Dang Computer Security Division Information Technology Laboratory C O M P U T E R S E C U R I T Y February 2009 U.S. Department of Commerce Otto J. Wolff, Acting Secretary National Institute of Standards and Technology Patrick D. Gallagher, Deputy Director NIST SP 800-107 Abstract Cryptographic hash functions that compute a fixed- length message digest from arbitrary length messages are widely used for many purposes in information security. This document provides security guidelines for achieving the required or desired security strengths when using cryptographic applications that employ the approved cryptographic hash functions specified in Federal Information Processing Standard (FIPS) 180-3.
    [Show full text]
  • Secure Hash Algorithms
    Keywords: secure hash, 1-wire, i2c, iButton, parasitic power, security, sha1, sha2, sha3, sha256, sha3-256, authentication, intellectual property protection, puf, physically unclonable function, chipdna, eeprom, cloning, counterfeit, medical disposables APPLICATION NOTE 7015 BACK TO BASICS: SECURE HASH ALGORITHMS Abstract: This application note goes over the basics of Secure Hash Algorithms (SHA) and discusses the variants of the algorithm. It then briefly touches on how the algorithm is used for authentication, including the concept of a Hashed Message Authentication Code (HMAC). It concludes by looking at some of the Maxim secure authenticators that can be used to very easily deploy SHA algorithms for security applications. Introduction In this application note, we will discuss the Secure Hash Algorithms (SHA) that are widely used in symmetric key cryptography. The basic idea behind a SHA function is to take data of variable size and condense it into a fixed-size bit string output. This concept is called hashing. The SHA functions are a family of hashing algorithms that have been developed over time through oversight by the National Institute of Standards and Technology (NIST). The latest of these is the SHA-3 function. Maxim has a family of secure authenticator products that provide both SHA-2 and SHA-3 functions. Figure 1 shows the basic concept of secure hash generation. Figure 1. Secure hash generation, basic concept. SHA Characteristics The SHA functions have the following characteristics: They have variable input length and fixed output length. They are one-way functions. Figure 1 shows that it is infeasible to use the resultant hash value to regenerate the input text other than trying each possible input text.
    [Show full text]
  • Year 2010 Issues on Cryptographic Algorithms
    IMES DISCUSSION PAPER SERIES Year 2010 issues on cryptographic algorithms Masashi Une and Masayuki Kanda Discussion Paper No. 2006-E-8 INSTITUTE FOR MONETARY AND ECONOMIC STUDIES BANK OF JAPAN C.P.O BOX 203 TOKYO 100-8630 JAPAN You can download this and other papers at the IMES Web site: http://www.imes.boj.or.jp Do not reprint or reproduce without permission. NOTE: IMES Discussion Paper Series is circulated in order to stimulate discussion and comments. Views expressed in Discussion Paper Series are those of authors and do not necessarily reflect those of the Bank of Japan or the Institute for Monetary and Economic Studies. IMES Discussion Paper Series 2006-E-8 June 2006 Year 2010 issues on cryptographic algorithms Masashi Une† and Masayuki Kanda* Abstract In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period such as ten or fifteen years due to advances in cryptanalysis techniques, improvement of computing power and so on. In order to enhance the transition to more secure ones, NIST (National Institute of Standards and Technology) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the Federal Government after 2010.
    [Show full text]
  • Attacks on and Advances in Secure Hash Algorithms
    IAENG International Journal of Computer Science, 43:3, IJCS_43_3_08 ______________________________________________________________________________________ Attacks on and Advances in Secure Hash Algorithms Neha Kishore, Member IAENG, and Bhanu Kapoor service but is a collection of various services. These services Abstract— In today’s information-based society, encryption include: authentication, access control, data confidentiality, along with the techniques for authentication and integrity are non-repudiation, and data integrity[1]. A system has to key to the security of information. Cryptographic hashing ensure one or more of these depending upon the security algorithms, such as the Secure Hashing Algorithms (SHA), are an integral part of the solution to the information security requirements for a particular system. For example, in problem. This paper presents the state of art hashing addition to the encryption of the data, we may also need algorithms including the security challenges for these hashing authentication and data integrity checks for most of the algorithms. It also covers the latest research on parallel situations in the dynamic context [2]. The development of implementations of these cryptographic algorithms. We present cryptographic hashing algorithms, to ensure authentication an analysis of serial and parallel implementations of these and data integrity services as part of ensuring information algorithms, both in hardware and in software, including an analysis of the performance and the level of protection offered security, has been an active area of research. against attacks on the algorithms. For ensuring data integrity, SHA-1[1] and MD5[1] are the most common hashing algorithms being used in various Index Terms—Cryptographic Hash Function, Parallel types of applications.
    [Show full text]
  • Recommendation for Applications Using Approved Hash Algorithms
    The attached DRAFT document (provided here for historical purposes) has been superseded by the following publication: Publication Number: NIST Special Publication (SP) 800-107 Revision 1 Title: Recommendation for Applications Using Approved Hash Algorithms Publication Date: 08/24/2012 • Final Publication: http://dx.doi.org/10.6028/NIST.SP.800-107r1 (which links to http://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-107r1.pdf). • Related Information on CSRC: http://csrc.nist.gov/publications/PubsSPs.html#800-107r1 • Information on other NIST Computer Security Division publications and programs can be found at: http://csrc.nist.gov/ The following information was posted with the attached DRAFT document: Sept. 14, 2011 SP 800-107 Revised DRAFT Recommendation for Applications Using Approved Hash Algorithms NIST requests comments on Draft (Revised) Special Publication 800-107. This Special Publication provides security guidelines for achieving the desired security strengths of several cryptographic applications that employ the approved cryptographic hash functions specified in FIPS 180-4. The current version of this document was published in February 2009. This revision includes the security properties for SHA-512/224 and SHA-512/256, provides additional security information about HMAC and revises the discussions on hash-based Key Derivation Functions. Please provide comments by October 31st, 2011 to Revised_SP- 800-107_Comments @ nist.gov, with “Comments on Revised_SP-800-107” in the subject line. Draft NIST Special Publication 800-107 (Revised) Recommendation for Applications Using Approved Hash Algorithms Quynh Dang Computer Security Division Information Technology Laboratory C O M P U T E R S E C U R I T Y September 2011 U.S.
    [Show full text]
  • A Novel Secure Hash Algorithm for Public Key Digital Signature Schemes
    262 The International Arab Journal of Information Technology, Vol. 9, No. 3, May 2012 A Novel Secure Hash Algorithm for Public Key Digital Signature Schemes Thulasimani Lakshmanan 1 and Madheswaran Muthusamy 2 1Department of Electronic and Communication Engineering, PSG College of Technology, India 2Department of Electronics and Communication Engineering, Muthayammal Engineering College, India Abstract: Hash functions are the most widespread among all cryptographic primitives, and are currently used in multiple cryptographic schemes and in security protocols. This paper presents a new Secure Hash Algorithm called (SHA-192). It uses a famous secure hash algorithm given by the National Institute of Standard and Technology (NIST).The basic design of SHA- 192 is to have the output length of 192.The SHA-192 has been designed to satisfy the different level of enhanced security and to resist the advanced SHA attacks. The security analysis of the SHA-192 is compared to the old one given by NIST and gives more security and excellent results as shown in our discussion. In this paper the digital signature algorithm which is given by NIST has been modified using the proposed algorithms SHA-192. Using proposed SHA-192 hash algorithm a new digital signature schemes is also proposed. The SHA-192 can be used in many applications such s public key cryptosystem, digital signcryption, message authentication code, random generator and in security architecture of upcoming wireless devices like software defined radio etc. Keywords: Data integrity, hash algorithm, digital signature, pre-image, message digest, message authentication. Received December 1, 2009; accepted August 10, 2010 1. Introduction attack (given a message M, find a message M-M’ with H(M)=H(M’)).
    [Show full text]
  • Attacks on Cryptographic Hash Functions and Advances Arvind K
    INTERNATIONAL JOURNAL OF INFORMATION AND COMPUTING SCIENCE ISSN NO: 0972-1347 Attacks on Cryptographic Hash Functions and Advances Arvind K. Sharma1, Dr.S.K. Mittal2, Dr.Sumit Mittal3 1,3 Department of Computer Applications (MMICT&BM) Maharishi Markandeshwar University, Mullana, Ambala (Haryana), India University School of Engineering & Technology2 Rayat Bahra University, Sahibzada Ajit Singh Nagar (Punjab), India Email: [email protected], [email protected], [email protected] Abstract: −− Cryptographic Hash Functions have a distinct importance in the area of Network Security or Internet Security as compare to Symmetric and Public Key Encryption-Decryption techniques. Major issues primarily which resolved by any hash algorithm, are to manage the Integrity and Authenticity of messages which are to be transmitting between communicating parties and users with digital signatures. Hash function also utilized for fixed length secrect key generation in Symmetric and Public Key Cryptosystems. Different level of security provided by different algorithms depending on how difficult is to break them. The most well-known hash algorithms are MD4, MD5, SHA, JH, Skein, Grøstl, Blake, Hamsi, Fugue, Crush, Whirlpool, Tav etc. In this paper we are discussing importance of hash functions, hash functions widely used in networking, most importantly various Attacks applicable on hash functions and compression functions utilized by hash functions. Keywords: Algorithms; Compression Function, Cipher; Stream; Block; Confidentiality; Integity; Authentication; Server; Message-Digest, Message-Block, Non-repudation;Differential; Communication between at-least two parties using a network may uses Encryption-Decryption 1. Introduction techniques to maintain privacy. And for Security and Privacy in interconnected authentication purpose apart from Encryption- domain means to preserve the Confidentiality, Decryption techniques Hash Functions most Integrity and Authenticity of messages as well as widely used.
    [Show full text]
  • Lecture 16 October 27, 2020
    Outline Common Hash Functions Hashed Data Structures Appendix CPSC 467: Cryptography and Security Michael J. Fischer Lecture 16 October 27, 2020 CPSC 467, Lecture 16, October 27, 2020 1/36 Outline Common Hash Functions Hashed Data Structures Appendix Common Hash Functions SHA-2 SHA-3 MD5 Hashed Data Structures Motivation: Peer-to-peer file sharing networks Hash lists Hash Trees Appendix: Birthday Attack Revisited CPSC 467, Lecture 16, October 27, 2020 2/36 Outline Common Hash Functions Hashed Data Structures Appendix Common Hash Functions CPSC 467, Lecture 16, October 27, 2020 3/36 Outline Common Hash Functions Hashed Data Structures Appendix Popular hash functions Many cryptographic hash functions are currently in use. For example, the openssl library includes implementations of MD2, MD4, MD5, MDC2, RIPEMD, SHA, SHA-1, SHA-256, SHA-384, and SHA-512. The SHA-xxx methods (otherwise known as SHA-2) are recommended for new applications, but these other functions are also in widespread use. CPSC 467, Lecture 16, October 27, 2020 4/36 Outline Common Hash Functions Hashed Data Structures Appendix SHA-2 SHA-2 SHA-2 is a family of hash algorithms designed by NSA known as SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256. They produce message digests of lengths 224, 256, 384, or 512 bits. They comprise the current Secure Hash Standard (SHS) and are described in FIPS 180{4. It states, \Secure hash algorithms are typically used with other cryp- tographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, or in the generation of random numbers (bits)." CPSC 467, Lecture 16, October 27, 2020 5/36 Outline Common Hash Functions Hashed Data Structures Appendix SHA-2 SHA-1 broken SHA-1 was first described in 1995.
    [Show full text]
  • Draft (Dated April 2005), Has Been Superseded and Is Provided Here Only for Historical Purposes
    ARCHIVED PUBLICATION The attached publication, NIST Special Publication 800-57 Part 1, Draft (dated April 2005), has been superseded and is provided here only for historical purposes. For the most current revision of this publication, see: http://csrc.nist.gov/publications/PubsSPs.html#800-57- part1. NIST Special Publication 800-57 Recommendation for Key DRAFT (April, 2005) Management – Part 1: General Elaine Barker, William Barker, William Burr, William Polk, and Miles Smid C O M P U T E R S E C U R I T Y April, 2005 Abstract This Recommendation provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material. Part 2 provides guidance on policy and security planning requirements for U.S. government agencies. Finally, Part 3 provides guidance when using the cryptographic features of current systems. KEY WORDS: assurances; authentication; authorization; availability; backup; compromise; confidentiality; cryptanalysis; cryptographic key; cryptographic module; digital signature; hash function; key agreement; key management; key management policy; key recovery; key transport; originator usage period; private key; public key; recipient usage period; secret key; split knowledge; trust anchor. 2 April, 2005 Authority This document has been developed by the National Institute of Standards and Technology (NIST) in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all agency operations and assets, but such standards and guidelines shall not apply to national security systems.
    [Show full text]
  • Means and Methods to Compromise Common Hash Algorithms
    1 C0D3 CR4CK3D: Means and Methods to Compromise Common Hash Algorithms Kevin C. Redmon, Graduate Student in Information Security, East Carolina University another way to verify our data files. Abstract — There are currently several different hashing In comes hashing as we know it today. The modern algorithms in use today. These include LM, MD5, SHA-1, and hashing algorithms are designed to help verify the integrity of SHA-2, among many others. We use these algorithms for many a data element. Yet, as our needs to verify file contents and different purposes – data fingerprinting, digital signatures, and data transmissions evolve, we continually realize that better message authentication codes. In these applications, there is one common element – the hashing algorithm takes a piece of data solutions and algorithms are needed. Better hashing that is likely bigger in size and reduces it to a shorter, “unique” algorithms are constantly in the works. However, as the past identifier, called a hash. If the data changes in a slight way, the would indicate, cryptographers and hackers alike continue to resulting hash can change quite drastically, some times impacting find issues with each successive algorithm that is released. As ~50% of the bits in the resulting hash [1]. Furthermore, to create one algorithm is broken, another is developed – so the cycle the same hash from two different data elements becomes continues. This paper will discuss the means and methods increasingly more difficult as the length of the hash increases. These algorithms and the resulting hash, were designed to used to compromise these hashing functions and ways to provide security and confidence to the user that the data is protect yourself, and your data.
    [Show full text]