Comparative Analysis of Cryptographic Hash Functions

Comparative Analysis of Cryptographic Hash Functions

COMPARATIVE ANALYSIS OF CRYPTOGRAPHIC HASH FUNCTIONS 1ARVIND K. SHARMA, 2S.K. MITTAL 1Department of Computer Applications (MMICTBM), Maharishi Markandeshwar University, Mullana, Ambala (Haryana), India 2University School Of Engineering & Technology, Rayat Bahra University, Sahibzada Ajit Singh Nagar (Punjab), India E-mail: [email protected], [email protected] Abstract - Hash Functions play a very crucial role in the area of Network Security and Cryptography. The major issues to which any hash algorithms deal with, are to check the Integrity, Authenticity of Data which is transmitting between parties and Users with digital signatures. Hash function also used for key generation in Symmetric and Public Key Cryptosystems. Different level of security provided by different algorithms depending on how difficult is to break them. The most well- known hash algorithms are MD4, MD5, SHA-1, SHA-2 and SHA-3, JH, Skein, Grøstl, Blake, Hamsi, Fugue, Crush, Whirlpool, Tav etc. In this paper we are discussing importance of hash functions, description about various well known hash functions widely used, various attacks applicable on hash functions, and comparative analysis of various hash algorithms and progressive implementation in this area. Keywords - Algorithms; Encryption; Decryption; Cipher; Confidentiality; Integity; Authentication; Server; Message-Digest, Message-Block; I. INTRODUCTION E-mailed by valid user or the data received is actual one and not manipulated. All these issues resolved by Security in Interconnected Environment means to proving the authenticity of data and user with the help maintain the Confidentiality, Integrity and Availabilty of hash function individually or with digital of resources to users plus manages the accountability signatures scheme. and authorization of resources. Network Security initializes with authorization i.e. enterance to Organization of the Paper: The rest of the paper is particular system commonly with the help of organized as follow. Section II describe the Hash credentials like a username and a password. Network Functions and, Properties of Hash Functions and their security consists of the policies adopted by a network Varients, Section III & IV describe Security Services analysist or administrator to prevent and track Provided By Hash Functions and Various Hash unauthorized access (i.e., with ACL, Logs) and Function widely used, Section V provides modification in system and, denial of a computer Comparative analysis and we are winding our work network and network resources. If a user authorized with conclusion and my future work with some new to do something still, a firewall forces to access techniques. And at end acknowledgement, References policies such as what services are allowed to be takes place. accessed for that network user. So these policies are okay to prevent unauthorized access to system, but II. CRYPTOGRAPHICH HASH FUNCTIONS this component may fail to check potentially harmful content such as computer Worms or Trojans being The term hash function has been used in computer transmitted over the network. Anti-virus software or science and it refers to a function that compresses a an intrusion detection system (IDS) help detect the message of arbitrary lenght to a message of fixed Malware. Communication between two hosts using a length called Message Digest. However if it satisfies network may uses encryption to maintain privacy some additional requirements, then it can be used for policy. And for authentication purpose apart from cryptographic applications and then known as encryption-decryption techniques Hash Functions Cryptographic Hash functions. Cryptographic Hash most widely used. functions are most important tool in the stream of Security and Cryptography and are used to achieve a The world is becoming more interconnected of the number of security goals like authenticity, digital Internet and new networking technology. There is a signatures, pseudo number generation, digital time so large amount of personal, military, commercial, stamping etc. Hash Function may be of two types and government information on networking Keyed and Un-Keyed. Keyed Hash Functions use infrastructures worldwide available. So it’s important secret key for computing the digest and these are also to find out who is transmitting critical data and who is known as MAC (Message Authentication Code) but receving, this will be take care by accountabilty in other we are not using any secret key. Secret can policies managed by administrator. But how to be distributed in a secure way also to the parties. It’ll identify wheather data received by one user is sent or be nice to use random key generation system there. Proceedings of 18th IRF International Conference, 09th September, 2018, New Delhi, India 30 Comparative Analysis of Cryptographic Hash Functions One-way Hash Function (OWHF) defined by Merkle private key of user not the message actually and when [3] is a hash function H, that satisfies the following message received before proving integrity of message requirements: with digest we prove digest received with message is 1. H can be applied to Block of data of any length. genuine one by decrypting it with sender’s public key (any length means size of Block must be greater and after this when we prove the integrity of actual than size of Digest we conclude at the end). message authenticity of message automatically 2. H produces a fixed-length output i.e., Message proved. Digest. 3. Given H and x (any given input), it is easy to 2. Proving Authenticity of Nodes [User and computer Message Digest H(x). Systems] 4. Given H and H(x), it is computationally Yes, Hash Functions also used to prove the infeasible to find x. authenticity of users at the time of logins, actually 5. Given H and H(x), it is computationally password created and stored for login during when infeasible to find x and x’ such that H(x) = H(x’) we enable password protection ON are not stored in plain way, first their digest computed and digest The first three requirements are must for practical stored in database. And whenever user tries to login applications of a hash function to message and enter password again digest computed with authentication and digital signatures. The fourth message typed in password field and that digest requirement also known as pre-image resistance or matched with digest stored in database, if matched one way property, states that it is easy to generate a user is authentic user otherwise user is not authentic. message code of given message but hard to generate a message back from given digest. The fifth 3. Digital Signature Implementation requirement also known as Second pre-image Digital signature is that particular security goal of a resistance or Collision resistance property security system which used to achieve the goal of guarantees that an alternative message hashing to the authenticity and a security service or property of non- same code as a given message cannot be found. repudiation (non-repudation means sender or reciever not be able lie that we didn’t did this). Message Authentication Code (MAC) and Hash Functions individuly not be able implement the Security goal of Digital Signatures. Hash functions are used to optimize the digital signature schemes. Without the use of Hash, the signature will be of same size as message. Now instead of generating the signature for the whole message which is to be authenticated, the sender of the message only signs the digest of the message using a signature generation algorithm (E.g., Elgamal Digital Signature Scheme, Diffie and Hellman Key Exchange). The sender then transmits the message and the signature to the respective receiver. The receiver verifies the signature of the sender by computing the digest of the message using Fig 1.1: Hash Function [24] the same hash function as the sender used and comparing it with the output of the signature III. SECURITY SERVICES PROVIDED BY verification algorithm. It is obvious that this approach HASH FUNCTIONS saves a lot of computational overhead involved in signing and verifying the messages in the absence of 1. Managing Authentication and Integrity of hash functions. Messages The primary purpose of networking is to maintain 4. Pseudo Random Number Generation end-to-end communication most probably by sending Hash Functions are one way functions that can be messages of various types. But it’s necessary to used to implement Random Number Generation. A maintain Integriity of messages which will be simple technique that can be start from an Initial received on other end, Hash functions helps for value (m) known as seed and compute in a way like managing this task i.e., with every message now H(m), H(m+1), H(m+2) and so on. digest is attached separately during initiation of message sending on the other end same message is 5. Session Key Generations used for calculating the digest if digest calculated and Hash functions also can be used to compute sequence digest attached matched message is genuine of session keys that are used for the protecting otherwise some manipulation done in between the number of successive communication sessions. communication. For proving the authenticity of Starting from a Master Key K0 which will be shared message now we are protecting the digest with secret Proceedings of 18th IRF International Conference, 09th September, 2018, New Delhi, India 31 Comparative Analysis of Cryptographic Hash Functions in secure manner between nodes, the first session key provided [6-9]. In 2002, NIST produced a revised can be computed like K1 = H(K0) and second session version of the standard known as SHA-2 (FIPS-180- key can be K2 = H(K1) and so on in the same way. 2) [6-9] and defined three new versions of SHA-2 with digest lengths of 256, 384 and 512 and known as IV. HASH FUNCTIONS VARIANTS SHA-256, SHA-384, and SHA-512 respectively.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    6 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us