Cryptographic Hash Functions in Data Security: Mustansiriyah University Course Overview

Slide Note
Embed
Share

Cryptographic hash functions play a crucial role in ensuring data integrity and security. This course at Mustansiriyah University's Faculty of Engineering covers the SHA-512 algorithm and its applications in various fields such as message authentication, digital signatures, and intrusion detection. The lecturer, Fatimah Al-Ubaidy, explains the properties of a good hash function and the security requirements it must meet. Students learn about preimage resistance, second preimage resistance, collision resistance, and pseudorandomness. The course emphasizes the importance of using strong hash functions to protect against malicious attacks and maintain data authenticity.


Uploaded on Jul 30, 2024 | 0 Views


Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript


  1. Mustansiriyah University Faculty of Engineering Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year A Hash function (H) accepts a variable-length block of data Mas input and produces a fixed-size hash value h= H(M). A good hash function has the property that the results of applying the function to a large set of inputs will produce outputs that are evenly distributed and apparently random. In general terms, the principal object of a hash function is data integrity. A Cryptographic hash function: is an algorithm for which it is computationally infeasible to find either (a) a data object that maps to a pre-specified hash result (the one-way property) or (b) two data objects that map to the same hash result (the collision-free property). Because of these characteristics, hash functions are often used to determine whether or not data has changed. Applications of Cryptographic Hash Functions: (1) Message authentication, (2)Digital Signature, (3)One-way password file, (4)Intrusion detection, (5) Virus detection, (6)Pseudorandom number generation. Message Authentication: is a mechanism or service used to verify the integrity of a message. It assures that data received are exactly as sent (i.e., contain no modification, insertion, deletion, or replay). When a hash function is used to provide message authentication, the hash function value is often referred to as a message digest. * One-way password file: in which a hash of a password is stored by an operating system rather than the password itself. When a user enters a password, the hash of that password is compared to the stored hash value for verification. * Intrusion detection and virus detection: store H(F) for each file on a system and secure the hash values. One can later determine if a file has been modified by recomputing H(F). An intruder would need to change F without changing H(F). 1

  2. Mustansiriyah University Faculty of Engineering Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year 2

  3. Mustansiriyah University Faculty of Engineering Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year 3

  4. Mustansiriyah University Engineering College Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year Security Requirements of the Cryptographic Hash Functions: (1) Variable input size, (2) Fixed output size, (3) Efficiency, (4) Preimage resistant, (5) Second preimage resistant, (6) Collision resistant, (7) Pseudorandomness. * Preimage resistant, it is computationally infeasible to find any input that hashes to that output, i.e., given y, it is difficult to find an x such that h(x) = y. * Second preimage resistant, it is computationally infeasible to find any second input which has the same output as that of a specified input, i.e., given x, it is difficult to find a second preimage x x such that h(x) = h(x ). * Collision resistant, if this property is also satisfied, then it is referred to as a strong hash function. A strong hash function protects against an attack in which one party generates a message for another party to sign (if it is hard to find two inputs that hash to the same output). 4

  5. Mustansiriyah University Engineering College Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year Attacks on Hash Functions: 1) Birthday Attack: the probability that in a set of n randomly chosen people, some pair of them will have the same birthday. Applied to hash function attacks, this means you have a 50% chance to break the collision resistance. 2) Brute-Force Attack: is to pick values of y at random and try each value until a collision occurs. a) Preimage and Second Preimage Attack: For a preimage or second preimage attack, an adversary wishes to find a value y such that H(y) is equal to a given hash value h. b) Collision Attack: For a collision resistant attack, an adversary wishes to find two messages or data blocks, x and y, that yield the same hash function. 5

  6. Mustansiriyah University Engineering College Cryptographic Hash Functions Course name: Data Security Computer Engineering Dep. SHA-512 Algorithm Lecturer: Fatimah Al-Ubaidy Class: Third Year 3) Cryptanalysis: cryptanalytic attacks on hash functions seek to exploit some property of the algorithm to perform some attack other than an exhaustive search. The way to measure the resistance of a hash algorithm to cryptanalysis is to compare its strength to the effort required for a brute-force attack. That is, an ideal hash algorithm will require a cryptanalytic effort greater than or equal to the brute-force effort. * To summarize, for a hash code of length m, the level of effort required is proportional to the following: 6

Related


More Related Content