Académique Documents
Professionnel Documents
Culture Documents
Salahaddin University-Erbil
Academic Year 2019-2020
Cryptography
Hash Functions
1
ABSTRACT
Cryptographic hash function has become a vital part in many applications.
World of cryptocurrency trusts heavily on these cryptographic hash
functions. Other uses are digital signature, verifying unique or duplicate
records, also helpful in data sleaze. In secular, it takes an input, process it
and products a digest which is fixed size alphanumeric string, not
understandable by human being. There are some ancient and new versions
of cryptographic hash functions current.MD5 AND SHA1 are older ones
and SHA3, BLAKE2, TIGER is a few of the newer versions. during this
report we are visiting discuss these hash function, depending upon their
characteristics, vulnerabilities and strengths, one in every of them will be
decided to use for a data-oriented company. Essentially, the older one’s
MD-5 hashing algorithm remainders generally utilized however,
cryptographically defective because it can infer collision. MD-5 is broken
dueto collision, however not in respect of preimages or second preimages.
The main attack on MD-5 were done in 1996, this attack was done on the
density of MD-5 not on MD-5 itself. Hypothetical attack was created in
year 2004.
But in real the attacks done on MD-5 are way too slow to reduction its
value. SHA-1 hashing algorithm is cryptographically defective but the
properties which we need in password hashing algorithm are still applied. It
2
tortuously means whatever “password hashing algorithm” which are built
according to the SHA-1 are secure.
So, firms which are using this algorithm feel secure finds no reason to alter
to something new. SHA3 (keccak) fresher algorithm beaten other new
algorithm Blake during a competition hosted by national institute of
standards and technology, reason being not designed specifically for ASIC
mining. The newer versions are probably good and can be briefed within
the upcoming paragraphs. Depending upon my report , I would suggest
using SHA3 for the data-oriented company.
3
TABLE OF CONTENTS
Abstract 2
Table of Contents 4
Introduction 5
Methods
12
Conclusion
19
References
20
4
INTRODUCTION
Cryptographic hash functions are essential building blocks that are used
inside many different cryptographic algorithms and protocols. There are a
number of critical applications in the field of information security. So,
some of the public algorithms that are known to be a cryptographic hash
function include SHA-1, SHA-3, BLAKE2, TIGER, MD5 which is
probably one of the most common one. MD5 also have some predecessors
namely MD4. There’s also a successor to MD5 known as MD6. But
essentially, MD5 is amongst the more popular ones.
There are three key characteristics of hash function specified down below:
Input of any distance can be fed to the hash function and it will produce
alphanumeric text of fixed length which acts as a signature for the
providing input. Afterward, the person who gets the message digest doesn’t
know the real message, however the person who originally knew the
message can only tell the digest is made from the same message or not.
5
A cryptographic hash function must be as random as could sensibly be
expected, while it is as yet deterministic and calculatable effectively. From
a cryptographic viewpoint, a cryptographic hash work is considered
uncertain if below mentioned points are measurable:
1. Find a message (already not seen) that relays to a given hash value.
2. Find ” collision ” that have a like hash value for two unique messages.
The above two methods can be used by the attacker to modify the original
message with an authorized message. Rather, two unique messages whose
digests (hash value) are comparable ought to be not found. Visibly, the
attacker learns somewhat like one snippet of data, the digest itself, which
enables the attacker to perceive whether a similar message occurred. MD5
and SHA-1 are the two most usually utilized hash functions for various
standards and applications. Security faults are appearing, there could be a
imaginable scientific shortcoming, and a more grounded hash functions is
recommended. In 2007, the National Institute of Standards and Technology
gave a test to work on hash called SHA-3, outcome were really remarkable,
lot of algorithms are available today with better functionality.
6
BACKGROUND & REVIEW
What is Hashing?
Let’s try to imagine a fantasy state here. Suppose, you want to send a
message/file to someone and it is of absolutely authoritative that it reaches
its intended receiver in the exact same format. How would you do it? One
option is to send it multiple times and verify that it wasn’t tampered with.
But, what if the message is too long? What if the file measures in
Gigabytes? It would be utterly absurd, unworkable and quite frankly boring
to verify every single letter, right? Well, that’s where Hashing arises into
play.
Using a chosen hash algorithm, data is crushed to a fixed size. Let’s
understand this with an example. If we take the sentence “Donkeys live a
long time” and smear the joaat hash algorithm to it, we will get 6e04f289.
This value is recognized as a hash.
Hashes are highly suitable when you want to recognize or compare files or
databases. Rather than linking the data in its original form, it’s much easier
for computers to relate the hash values. Whether it’s storing passwords, or
in computer illustrations, or in SSL certificates…Hashing does it all.
Essentially, Hashing is defined by two distinct characteristics
– irreversibility and inimitability. Irreversibility points to the fact that once
you hash somewhat, there is no way back. Unlike Encryption and
Encoding, you can’t simply de-hash a message/data. Unique, because no
two hash values are ever the similar for two different pieces of data. If two
hashes are initiate to be the same for two different pieces of data, it’s
termed a ‘hash collision’ and that algorithm becomes useless.
7
As we discussed, a hash function lies at the core of a hashing algorithm.
But, to get the hash value of a pre-set distance, you first need to divide the
input data into fixed sized blocks. This is because a hash function receipts
in data at a fixed-length. These blocks are called ‘data blocks.’ This is
established in the image below.
The size of the data blocks varies from one algorithm to another. But for a
particular algorithm, it remnants the same. For example, SHA-1 takings in
the message/data in blocks of 512-bit only. So, if the message is precisely
of 512-bit length, the hash function runs only once (80 rounds in case of
SHA-1).
Likewise, if the message is 1024-bit, it’s divided into two blocks of 512-bit
and the hash function is run twice.
8
Still, 99 percent of the time, the message won’t be in the multiples of 512-
bit. For such cases (almost all cases), a method called padding is used.
Using a padding method, the entire message is divided into fixed-size data
blocks.
The hash function is recurrent as many times as the number of data blocks.
This is how it’s done:
As shown overhead, the blocks are processed one at a time. The output of
the first data block is fed as input lengthways with the second data block.
Consequently, the output of the second is fed along with the third block and
so on. Thus, we are creation the final output the joint value of all the
blocks. If you modification one bit anywhere in the message, the entire
hash value changes. This is called the 'avalanche effect.'
9
Practice Problems on Hashing
Q1/ Given the resulting input (4322, 1334, 1471, 9679, 1989, 6171, 6173,
4199) and the hash function x mod 10, which of the resulting statements
are true?
i. 9679, 1989, 4199 hash to the same value
ii. 1471, 6171 has to the same value
iii. All elements hash to the same value
iv. Each element hashes to a different value
(A) i only
(B) ii only
(C) i and ii only
(D) iii or iv
As we can see, 9679, 1989 and 4199 hash to same value 9. Also, 1471 and
6171 hash to same value 1. Therefore, statement (i) and (ii) are correct
which match with option (C).
10
Q2/ Which one of the resulting hash functions on integers will distribute
keys most uniformly over 10 buckets numbered 0 to 9 for i ranging from 0
to 2020?
(A) h(i) =i^2 mod 10
(B) h(i) =i^3 mod 10
(C) h(i) = (11 ∗ i^2) mod 10
(D) h(i) = (12 ∗ i) mod 10
As we can see from the table, i^3 mod10 is allocating evenly from indexes
0 to 9. Other functions have not utilized all indexes.
11
METHODS
Message Authentication
Digital signatures
The summary value of a message is encoded with the sender’s private key,
any user who has the general public key can verify the integrity of the
message that's related to the digital signature.
Password file
12
Detection of intruders and viruses
For each F file of the system, the hash H(F) is additionally stored, if there's
any change in F, it'll be perceived;
Blockchain
The data within the blockchain are “hashes” in each block. If the block
changes, ie someone tried to alter what number bitcoins, for instance, they
had or how much they should send, the hash value would vary and
everybody could detect that something has changed.
The hash value of the previous block is used to calculate the hash value of
this block, creating a link between the blocks.
SHA-1; insecure
SHA-256;
MD5; insecure
13
THEORY / DESIGN / OUTCOMES
Hash function is used for number of applications, non only for the
cryptography. It also contains practical applications such as authentication,
digital signature, message integrity check, cryptocurrency, data corruption
and various other application.
MD5 ALGORITHM:
14
If both message digest are same means, there is no change done during the
transmission. Plain text is treated in 512 bit & blocks. If the distance is less
than 512 some padding bits are to be appended.
hashing:
3. Initialize the MD buffer (use to store the o/p of each buffer is of size 32 bits)
SHA-3 (Secure Hash Algorithm 3) is the most new member from the
Secure Hash Algorithm group, designed by NIST on August 5, 2015.
Although part of a like algorithm, SHA-3 is unique in relation to the MD5-
like building of SHA-1 and SHA-2. SHA-3 is a subsection of the more
wide cryptographic family Keccak planned by Guido Bertoni, Joan
Daemen, Michaël Peeters, and Gilles Van Assche. Keccak’s creators have
planned extra uses for the function, not (yet) established by NIST, a
confirmed encryption framework, a “tree” hashing plan for quick hashing
on certain architectures, AEAD ciphers Keyak and Ketje.
Fast in hardware
Huge security margin because of high rounds.
Slow in software
Because of its speed attacker can try on lots of software uniform if
salt is applied.
16
3-BLAKE2 HASH FUNCTION:
Prefix-MAC for authentication that is less complex and faster than
HMAC
17
GOOD POINTS OF BLAKE2:
This hash function was designed in 1995 by ROSS ANDERSON and ELI
BIHAM mainly for 64-bit platforms. The tiger hash value contains of 192
bits. Other abridged versions of the tiger hash functions are Tiger/128 and
Tiger/160. These versions can be used with protocols difficult a particular
hash size. The summary size are as follows 192,128,160 and there are 24
rounds in this algorithm. Tiger 2 optional is a optional where a byte is first
appended to the hexadecimal value of =0X80, just like in MD5, MD4 and
0X01. Else the two variants are perfectly identical.
18
CONCLUSION
In this report, Hash Functions has been briefly explained. How unlike hash
algorithm came in being when attacks on such algorithms became
common. All algorithm has some good points and some bad points. Get
together all the bits and pieces I would advise using BLAKE2 hash
function for the data-oriented company. As it is an improved version of
SHA3 hash function and significantly quicker than MD5. It is also existing
for 32- and 64-bit platforms. It is noticeably quicker in both software and
hardware. Also, it is resilient to collision attack which MD5 is not. Though
there are some theoretical claims that cryptographic hash functions lands
into inadvertent collision. Hence it is just theoretical only. Because in the
long term it hasn’t occurred to RIPEMD, SHA-256, TIGER. So, it cannot
be said that BLAKE2 will have intended collision as it is lot stronger than
above mentioned hash functions.
19
REFERENCES