
Cryptography Module 5 Notes

MD4 is a cryptographic hash function developed in 1990 that produces a 128-bit digest. It was one of the first hash functions but has been compromised by attacks. MD5 is a similar hash function that is no longer considered secure for cryptography due to techniques for generating collisions. SHA-1 and SHA-2 are more secure hash functions used for applications like TLS, SSL, and digital signatures. A Message Authentication Code (MAC) uses a symmetric key to authenticate messages, while a digital signature provides authentication and non-repudiation using public-key cryptography.

Uploaded by

Varsha Suchi

Number Theory And Cryptography

Module 5

Hash functions are extremely useful and appear in almost all information security applications.
A hash function is a mathematical function that converts a numerical input value into another
compressed numerical value. The input to the hash function is of arbitrary length but output is
always of fixed length.

MD4
The MD4 Message-Digest Algorithm is a cryptographic hash function developed by Ronald
Rivest in 1990.[3] The digest length is 128 bits. The algorithm has influenced later designs, such
as the MD5, SHA-1 and RIPEMD algorithms. The initialism "MD" stands for "Message Digest".

[Figure: One MD4 operation.] MD4 consists of 48 of these operations, grouped in three rounds of 16
operations. F is a nonlinear function; one function is used in each round. M_i denotes a 32-bit
block of the message input, and K_i denotes a 32-bit constant, different for each round.

The security of MD4 has been severely compromised. The first full collision attack against MD4
was published in 1995, and several newer attacks have been published since then. As of 2007, an
attack can generate collisions in less than 2 MD4 hash operations.[2] A theoretical preimage
attack also exists.
A variant of MD4 is used in the ed2k URI scheme to provide a unique identifier for a file in the
popular eDonkey2000 / eMule P2P networks. MD4 was also used by the rsync protocol (prior to
version 3.0.0).
MD4 is used to compute NTLM password-derived key digests on Microsoft Windows NT, XP,
Vista, 7, 8, and 10.

What is MD5?
The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function
that accepts a message of any length as input and returns as output a fixed-length digest value to
be used for authenticating the original message.

The MD5 hash function was originally designed for use as a secure cryptographic hash algorithm
for authenticating digital signatures. But MD5 has been deprecated for uses other than as a
noncryptographic checksum to verify data integrity and detect unintentional data corruption.

What is MD5 used for?


Although originally designed as a cryptographic message authentication code algorithm for use
on the internet, MD5 hashing is no longer considered reliable for use as a cryptographic
checksum because security experts have demonstrated techniques capable of easily producing
MD5 collisions on commercial off-the-shelf computers. A hash collision means two different files
have the same hash. Hash functions are used for message security, password security, computer
forensics and cryptocurrency.

The algorithm takes as input a message of arbitrary length and produces as output a 128-bit
'fingerprint' or 'message digest' of the input. It is conjectured that it is computationally infeasible
to produce two messages having the same message digest, or to produce any message having a
given prespecified target message digest. The MD5 algorithm is intended for digital signature
applications, where a large file must be 'compressed' in a secure manner before being encrypted
with a private (secret) key under a public-key cryptosystem such as RSA.

How does MD5 work?


The MD5 message-digest hashing algorithm processes data in 512-bit strings, broken down into
16 words composed of 32 bits each. The output from MD5 is a 128-bit message-digest value.

Computation of the MD5 digest value is performed in separate stages that process each 512-bit
block of data along with the value computed in the preceding stage. The first stage begins with
the message-digest values initialized using consecutive hexadecimal numerical values. Each
stage includes four message-digest passes, which manipulate values in the current data block and
values processed from the previous block. The final value computed from the last block becomes
the MD5 digest for that block.

Secure Hash Algorithm 1 (SHA-1). Developed by the U.S. government in the 1990s, SHA-1
used techniques like those of MD5 in the design of message-digest algorithms. But SHA-1
generated more secure 160-bit values when compared to MD5's 128-bit hash value lengths.
Despite this, SHA-1 had some weaknesses and did not prove to be the ultimate algorithmic
methodology for encryption, either. Security concerns began to emerge, prompting companies
like Microsoft to discontinue support for SHA-1 in its software.

SHA-1 produces a 160-bit hash value or message digest from the input data (data that
requires encryption), which resembles the hash value of the MD5 algorithm. It uses 80 rounds of
cryptographic operations to encrypt and secure a data object. Some of the protocols that use
SHA-1 include:

• Transport Layer Security (TLS)
• Secure Sockets Layer (SSL)
• Pretty Good Privacy (PGP)
• Secure Shell (SSH)
• Secure/Multipurpose Internet Mail Extensions (S/MIME)
• Internet Protocol Security (IPSec)

SHA-1 is commonly used in cryptographic applications and environments where the need for
data integrity is high. It is also used to index hash functions and identify data corruption and
checksum errors.

The SHA-2 hash code family. The more secure successor to SHA-1 and one that is widely used
today is the SHA-2 family of hash codes. SHA-2 hash codes were created by the U.S. National
Security Agency in 2001. They represent a significant departure from SHA-1 in that the SHA-2
message-digest algorithms were longer and harder to break. The SHA-2 family of algorithms
delivers hash values that are 224, 256, 384 and 512 bits in length. They are known by the names
of their message-digest lengths -- for example, SHA-224 and SHA-256.

Message Authentication Code (MAC)

A MAC algorithm is a symmetric-key cryptographic technique that provides message authentication.

To establish the MAC process, the sender and receiver share a symmetric key K.
Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent
along with a message to ensure message authentication.
The process of using MAC for authentication is depicted in the following illustration 

Let us now try to understand the entire process in detail −


• The sender uses some publicly known MAC algorithm, inputs the message and the secret
key K, and produces a MAC value.
• Similar to a hash, a MAC function also compresses an arbitrarily long input into a fixed-length
output. The major difference between a hash and a MAC is that a MAC uses a secret key during
the compression.
• The sender forwards the message along with the MAC. Here, we assume that the message
is sent in the clear, as we are concerned with providing message origin authentication, not
confidentiality. If confidentiality is required, then the message needs encryption.
• On receipt of the message and the MAC, the receiver feeds the received message and the
shared secret key K into the MAC algorithm and re-computes the MAC value.
• The receiver now checks the equality of the freshly computed MAC with the MAC received from
the sender. If they match, then the receiver accepts the message and is assured that
the message has been sent by the intended sender.
• If the computed MAC does not match the MAC sent by the sender, the receiver cannot
determine whether it is the message that has been altered or the origin that has been
falsified. As a bottom line, the receiver safely assumes that the message is not genuine.

Limitations of MAC

There are two major limitations of MAC, both due to its symmetric nature of operation −
• Establishment of Shared Secret
  o It can provide message authentication only among pre-decided legitimate users who
    have the shared key.
  o This requires establishment of a shared secret prior to use of the MAC.
• Inability to Provide Non-Repudiation
  o Non-repudiation is the assurance that a message originator cannot deny any
    previously sent messages and commitments or actions.
  o The MAC technique does not provide a non-repudiation service. If the sender and
    receiver get involved in a dispute over message origination, MACs cannot provide
    proof that a message was indeed sent by the sender.
  o Though no third party can compute the MAC, the sender could still deny having sent
    the message and claim that the receiver forged it, as it is impossible to determine
    which of the two parties computed the MAC.
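
The MAC process and the non-repudiation limitation described above, as an added example that is not part of the original notes. It assumes HMAC-SHA-256 as the "publicly known MAC algorithm"; the function names and the sample messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def make_tag(key: bytes, message: bytes) -> bytes:
    """Sender side: MAC over the message with the shared key K (HMAC-SHA-256 assumed)."""
    return hmac.new(key, message, hashlib.sha256).digest()

def accept(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    return hmac.compare_digest(make_tag(key, message), tag)

def plain_hash_accept(message: bytes, digest: bytes) -> bool:
    """Unkeyed hash check, for contrast: anyone can recompute it."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def demo() -> dict:
    K = secrets.token_bytes(32)              # shared secret, established in advance
    msg = b"transfer 100 to account 42"      # constructed sample message
    altered = b"transfer 900 to account 42"  # constructed in-transit modification
    tag = make_tag(K, msg)
    return {
        "genuine_accepted": accept(K, msg, tag),
        "altered_rejected": not accept(K, altered, tag),
        "wrong_key_rejected": not accept(secrets.token_bytes(32), msg, tag),
        # Without a key, whoever alters the message simply recomputes the hash,
        # so an unkeyed digest gives no origin authentication.
        "plain_hash_fooled": plain_hash_accept(
            altered, hashlib.sha256(altered).digest()),
        # Limitation: the receiver holds K too, so it can produce a valid tag for
        # a message the sender never sent. The tag cannot show who computed it.
        "receiver_can_forge": accept(K, altered, make_tag(K, altered)),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```
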

The Digital Signature Algorithm (DSA) is one of the Federal Information Processing Standards for
making digital signatures. It depends on the mathematical concepts of modular exponentiation
and the discrete logarithm problem to produce the digital signature.

A digital signature is a cryptographic value that is calculated from the data and a secret key
known only by the signer.

• First, each person adopting this scheme has a public-private key pair.
• The key pairs used for encryption or decryption and for signing or verifying are different for
every signature. Here, the private key used for signing is referred to as the signature key
and the public key as the verification key.
• Then the signer feeds the data to the hash function and generates a hash of
the message.
• The hash value and the signature key are then fed to the signature algorithm, which
produces the digital signature on the given hash of the message. This signature is appended
to the data, and both are sent to the verifier.
• The verifier feeds the digital signature and the verification key into the verification
algorithm. The verification algorithm gives some value as output as a
ciphertext.
• The verifier also runs the same hash function on the received data to generate a hash
value.
• For verification, the signature, this hash value, and the output of the verification algorithm
are compared. Based on the comparison result, the verifier decides
whether the digital signature is valid or invalid.
• Because the digital signature is generated with the private key of the signer, and no one
else can have this key, the signer cannot repudiate signing the data in
the future.

DSA Algorithm Steps

The first part of the DSA algorithm is the generation of the public key and private key, with the
following steps:

• First, choose a prime number q, which is called the prime divisor.
• Then choose another prime number p, such that (p-1) mod q = 0. p is called the prime
modulus.
• Then choose an integer g, such that 1 < g < p, g**q mod p = 1 and g = h**((p-1)/q) mod
p. q is also called g's multiplicative order modulo p.
• Then choose an integer x, such that 0 < x < q.
• Compute y as g**x mod p.
• Package the public key as {p,q,g,y}.
• Package the private key as {p,q,g,x}.

The second part of the DSA algorithm is signature generation and signature verification.

To generate a message signature, the sender follows these steps:
• First, generate the message digest h, using a hash algorithm like SHA1.
• Then generate a random number k, such that 0 < k < q.
• Compute r as (g**k mod p) mod q. If r = 0, select a different k.
• Compute i, such that k*i mod q = 1. i is called the modular multiplicative inverse of
k modulo q.
• Compute s = i*(h+r*x) mod q. If s = 0, select a different k.
• Package the digital signature as {r,s}.

To verify a message signature, the receiver of the message and the digital signature
follows these steps:

• First, generate the message digest h, using the same hash algorithm.
• Compute w, such that s*w mod q = 1. w is called the modular multiplicative
inverse of s modulo q.
• Compute u1 = h*w mod q.
• Compute u2 = r*w mod q.
• Compute v = (((g**u1)*(y**u2)) mod p) mod q.
• If v == r, the digital signature is valid.
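
The key generation, signing and verification steps above carried through in code, as an added example that is not part of the original notes. It keeps the notes' symbols (p, q, g, x, y, k, r, s, i, w, u1, u2, v); the toy prime q = 2**31 - 1, the parameter search, the name h0 for the base used to derive g, and the range check on r and s are assumptions of this example, and the sizes are far too small for real use.

```python
import hashlib
import math
import secrets

def is_prime(n):
    # Trial division: adequate only for these toy-sized numbers.
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))

def make_params(q=2**31 - 1):
    # q is the prime divisor (constructed toy value).
    c = 2
    while not is_prime(c * q + 1):         # prime modulus p with (p-1) mod q == 0
        c += 2
    p = c * q + 1
    h0 = 2
    while pow(h0, (p - 1) // q, p) == 1:   # need g != 1 so that g has order q
        h0 += 1
    return p, q, pow(h0, (p - 1) // q, p)  # g = h0**((p-1)/q) mod p

def keygen(p, q, g):
    x = 1 + secrets.randbelow(q - 1)       # private key, 0 < x < q
    return x, pow(g, x, p)                 # public value y = g**x mod p

def digest(msg):
    return int.from_bytes(hashlib.sha1(msg).digest(), "big")  # h, SHA-1 as in the notes

def sign(msg, p, q, g, x):
    while True:
        k = 1 + secrets.randbelow(q - 1)   # fresh, secret k for every signature
        r = pow(g, k, p) % q
        i = pow(k, -1, q)                  # k*i mod q == 1 (Python 3.8+)
        s = i * (digest(msg) + r * x) % q
        if r != 0 and s != 0:              # otherwise select a different k
            return r, s

def verify(msg, sig, p, q, g, y):
    r, s = sig
    if not (0 < r < q and 0 < s < q):      # standard DSA range check (not in the steps above)
        return False
    w = pow(s, -1, q)                      # s*w mod q == 1
    u1 = digest(msg) * w % q
    u2 = r * w % q
    v = pow(g, u1, p) * pow(y, u2, p) % p % q
    return v == r

if __name__ == "__main__":
    p, q, g = make_params()
    x, y = keygen(p, q, g)
    sig = sign(b"constructed sample message", p, q, g, x)
    print(verify(b"constructed sample message", sig, p, q, g, y))
```
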
