IJCST VOL . 8, Iss UE 2, APR I L - JUNE 2017 ISSN : 0976-8491 (Online) | ISSN : 2229-4333 (Print) Survey of Cryptographic Hashing Algorithms for Message Signing 1Ankit Kumar Jain, 2Rohit Jones, 3Puru Joshi 1,2,3Dept. of Computer Engineering, NMIMS Shirpur, Maharashtra, India Abstract E. Hashing In the world of computing, there is always a need for unique values It is used to represent a digital file, message or any entity into to be generated for numerous applications. Various methods exist a shorter, fixed length and unique string of characters in such a with the most common being reliant on an instance of time. But manner that the hash computed for the digital entity will always when we need to generate a unique value, based on an input factor be the same and it is impossible to retrieve the original digital such that the exact same value is generated, every time the input entity from its hash string. factor is the same, cryptographic hashing functions get the job done. Cryptographic hashing functions have many uses like digital Cryptographic hash functions map strings (messages) of almost signatures, message authentication, checksum generation, digital arbitrary length to strings of a fixed, short length, typically fingerprinting and securing passwords in a database. In this paper, somewhere between 128 and 512 bits [1]. Many different terms we review and compare multiple hashing algorithms by different have been used for the output string. criteria with emphasis on message authentication. Among these are the hash, the hash value, and the message Keywords digest. A hash function is expected to be very efficient. Different Cryptography, Hash, SHA, MD, Keccak, BLAKE, Message applications expect different properties of the hash function, but Digest, Merkle–Damgård some properties are always expected [2]. I. Introduction 1. A hash function H is always expected to be one-way. This Cryptography is often defined as the enciphering and deciphering means that given a randomly chosen image y, it is difficult of messages in secret code or cipher. Usually, cryptography (i.e., impossible in practice) to find a message x such that F(x) is associated with security but it is just a facet of the overall = y. Attacks that attempt to break this property of a hash are security of a system. While, Cryptanalysis can be defined as termed as pre-image attacks. study, development and execution of tools and techniques that 2. The hash of a message obtained from a hash function, should are used to undermine or compromise the integrity, security or be equivalent to a digital fingerprint, such that two different effectiveness of a cryptographic system. The term Cryptology is messages also have different hash values. Attacks that attempt associated with the combination of both the above topics. that is, to break this property of a hash are termed as hash collision cryptography and cryptanalysis. The field of cryptography has attacks. many different applications, most of which can be deemed to be a 3. Theoretically, it is possible for two different messages to separate field. Some important and commons uses of cryptography generate the same hash, due to the nature of limited output are as follows: space, but the hash function should compute the hash in such a manner that it is practically infeasible to find such messages A. Encryption [3]. It is defined as the process of converting some information from one form to another, with the intent of hiding the original message A graphical representation of the above attacks is shown in Figure in such a way that, no-one other than the intended recipient of the 1 to help understand the concepts better. message can understand the meaning of the encrypted message. B. Decryption It can be defined as the reverse process of encryption, that is, the conversion of an encrypted message into its original meaning. C. Authentication It can be defined as the process that is used to prove that something is real, authentic, true or genuine. Authentication is used extensively on the internet to grant access to users who rightfully can have access and deny those who don’t. D. Digital Signatures Just like physically signing a document to prove its authenticity, digital signatures are used to achieve the same concept but for digital goods and services. Just like with physical signatures, it is very difficult to copy or forge digital signatures if not impossible. Fig. 1: Different Types of Attacks on Hashing Algorithms 18 INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND TECHNOLOGY www.ijcst.com ISSN : 0976-8491 (Online) | ISSN : 2229-4333 (Print) IJCST VOL . 8, Iss UE 2, APR I L - JUNE 2017 Many popular cryptographic hashing algorithms like MD5, that it is weak to pre-image attacks. MD6, SHA1, SHA2 and BLAKE2 use the Merkle-Damgård [16] construction to achieve collision resistance. C. Message Digest 5 (MD5) The working of the Merkle-Damgård construction is as follows. MD-5 is a cryptographic hashing algorithm that was developed The input to the structure is a multiple of a fixed number (example: by Ronald Rivest in 1991, to produces a 128 bits fixed length 512 or 1024) which is achieved by padding the input message, hash value [12]. MD5 is the successor of the flawed MD4 and as the construction does not allow an arbitrary sized input. The was designed around the features and performance of 32-bit input message is then spit into multiple message blocks of a processors in mind but is in fact slower than MD4 but bears fixed size after which they are processed by the compression heavy resemblance to MD4. An emphasis on 32-bit processors function in a sequential fashion such that the output of the previous is done because, the four word buffers (A, B, C, D) that are used message block’s compression is combined with the input of the to compute the message digest are, each, a 32-bit register. The next message block’s compression. As a security measure, the main process of MD5 is very like MD4 and contains the same message’s original length is hidden by padding the message. The phases of appending padding bits followed but appending the first message block, does not have any previous message block length of the original message followed the initialization of the whose compression are to be combined to use as an input, hence, MD buffers followed by processing the message in 16-word blocks an initialization vector is used in its place. The final stage of the which consists of 64 operations, grouped in four rounds of 16 construction, implements a finalization function that is used for operations followed by the final output. In 2005 Xiaoyun Wang many purposes such as compressing a big internal state into a and Hongbo Yu demonstrated that it was possible to perform a smaller one, guarantying better mixing and obtaining a better modular differential attack and break the collision resistance of avalanche effect.\ MD5. MD-5 is broken regarding collisions, but not in regard of pre-images or second-pre-images. D. Secure Hash Algorithm 1 (SHA-1) SHA-1 is a cryptographic hashing algorithm that was developed by the NIST [4] in 1993 to produce a 160-bit message digest. SHA-1 bears a remarkable similarity to the MD5 cryptographic hashing algorithm. At one point of time, it was the most preferred Fig. 2: Standard Merkle-Damgård Construction hashing algorithms for integrity checking due to its time efficiency and versatility. Post 2010, It is no longer actively used as it was II. Study of hashing algorithms proved to be venerable to hash collisions by Marc Stevens, with This section gives a brief description of different hashing algorithms a complexity of 261 operations [5]. and their working. E. Secure Hash Algorithm (SHA-2) A. Message Digest 2 (MD2) SHA-2 is a cryptographic hashing algorithm that was developed MD2 is a cryptographic hashing algorithm that was published in by NSA. It has two variations namely SHA-256 and SHA-512 1989 and is used to generate message digests of 128 bits by using [13]. The primary difference between the two variants are the a compression function of 18 rounds [10]. Post 2004, MD2 is size of the words used. While SHA-256 uses 32-bit words, SHA- known to be susceptible to preimage attacks of time complexity 512 uses 64-bit words. Although, neither SHA-256 nor SHA-512 equivalent to 2104 applications of the compression function have been proved to be flawed, they are still not preferred for (Muller, 2004). Hence in the words of the MD2 author, “MD 2 integrity verification as they are not as efficient as SHA-1 in terms can no longer be considered a secure one-way hash function”. Post of time complexities. Also, as SHA-2 is derived from SHA-1 2008, MD2 was shown to be more vulnerable and exploitable than which in turn is based on the MerkleDamgård structure, that was it was initially thought out to be with successful preimage attacks exploited to break the SHA-1 cryptographic hashing algorithm, being carried out with a time complexity of 273 compression thus, theoretically SHA-2 can also be broken. function evaluations making it more feasible to exploit and more dangerous to use. MD2 is also proved to be susceptible to collision F. Secure Hash Algorithm 3 (SHA-3) attacks, in 2009, of time complexity of 263.3 compression function SHA-3 is a cryptographic hashing algorithm that was chosen by evaluations. the NSA in 2012 after a public competition among non-NSA designers [14]. The prior name of the SHA-3 hashing algorithm B.