Académique Documents
Professionnel Documents
Culture Documents
Yuan Xue
Fall 2008
Hash function
Hash function H
h = H(M)
M is a message of variable length h is a fixed-length hash value
One-way property Weak collision resistance Strong collision resistance MD5 SHA family (e.g. SHA-1, SHA-2) Standalone With encryption algorithms
Message Authentication Digital Signature
Usage
Fall 2008
File integrity verification Public key fingerprint Passwd storage Message Authentication
HMAC
Digital Signature
Fall 2008
Authentication
Authentication, confidentiality
@Yuan Xue (yuan.xue@vanderbilt.edu) CS 285 Network Security Fall 2008
HMAC
Hash function works with a symmetric key to provide message authentication Two methods
MAC
(1) MAC = E [K, H(M)]
HMAC Structure
36 in hex repeated
K+ = K padded with 0 on the left (b bits in total) ipad = 00110110 repeated b/8 times opad = 01011100 repeated b/8 times
5C in hex repeated
HMAC(K,M) = H[(K+opad)||H[(K+ipad)||M]]
Fall 2008
Fall 2008
Digital Signature
Two approaches
Encryption of hash value via private key provides digital signature Any asymmetric encryption algorithm could be used
E.g. RSA
Many asymmetric encryption algorithms have export restriction DSA (digital signature algorithm)-based approach
Fall 2008
Algorithm
An asymmetric key algorithm Can not be used for encryption Can ONLY be used for digital signature
Fall 2008
Fall 2008
a is a primitive root of prime number p then a mod p, a2 mod p, , ap-1 mod p are distinct and consist of the integers from 1 through p-1 For any b and a primitive root a of p, unique exponent I can be found such that b = ai mod p (0<=i <= p-1)
Fall 2008
Fall 2008
CBC-based Hash-based
Encrypt the hash code Hash the message + key
HMAC
Digital Signature
Fall 2008
Comparison
Computation efficiency
faster
Digital Signature