Unit 5
Unit 5
MDS5 Algorithm:
RSA 512 7 -
RIPEMD
The RIPEMD is an acronym for RACE Integrity Primitives Evaluation Message
Digest. This set of hash functions was designed by open research community and
generally known as a family of European hash functions.
The set includes RIPEMD, RIPEMD-128, and RIPEMD-160. There also exist
256, and 320-bit versions of this algorithm.
Original RIPEMD (128 bit) is based upon the design principles used in MD4
and found to provide questionable security. RIPEMD 128-bit version came as
a quick fix replacement to overcome vulnerabilities on the original RIPEMD.
RIPEMD-160 is an improved version and the most widely used version in the
family. The 256 and 320-bit versions reduce the chance of accidental collision,
but do not have higher levels of security as compared to RIPEMD-128 and
RIPEMD-160 respectively.
HMAC:
With HMAC, you can achieve authentication and verify that data is correct and
authentic with shared secrets, as opposed to approaches that use signatures and
asymmetric cryptography.
Two parties want to communicate, but they want to ensure that the contents of their
connection remain private. They also distrust the internet, and they need a way to
verify that the packets they receive haven't been tampered with. HMAC is a valid
solution.
Secret keys. They must have a way to decode messages they get. A secret
key handles this task, and it's meant to stay secret and hidden.
Algorithm. They must pick one hash function that all of their messages will
move through.
When complete, the message is considered irreversible, and it's also resistant to
hacking. Someone who intercepts this message won't even be able to guess at its
length. The work renders the message contents absolutely useless to anyone
without a key or a code.
HMAC tester tools can help demonstrate how something like this works. Imagine
you're dealing with these inputs:
Understanding the math is critical for developers. If you're asked to explain your
work and the protections you offer, a diagram can often showcase things better
than your words ever can.
But the average computer user may never need to understand the math. To them,
knowing that their messages are protected may be all they require.
How to Implement HMAC
1. A shared secret
2. A hashing tool
Only your server should know all three items for all of your users. And that data
should be fiercely protected. Anyone who knows the secret keys for your members
can take over your server and/or send fraudulent data.
Build your token in Ad Manager. You'll specify details about the visit and
the time. You'll use Google's authentication key to create your "secret key."
Implement. You can put your new token within your authorization request
header, or you can pass it as a query string or form data parameter.
Google makes this process quick and easy. Developers can access a simple tutorial
and copy code within minutes.
Notice that you're not asking your Google Ads visitors to memorize a code or do
any decoding. The user's server understands the coding requirements within your
website, and all of the token setting and translation is invisible to the user.
Even so, you should test this environment often before you deploy it. If you
encounter a coding error, you could block people from accessing your site, as it
will seem as though they're fraudulent actors. It pays to test any system like this on
multiple devices before you set it loose on the wider world.
Digital Signature
Digital Signature in Cryptography is a value calculated from the data along with a
secret key that only the signer is aware of. The receiver needs to be assured that the
message belongs to the sender. This is crucial in businesses as the chances of
disputes over data exchange are high.
Application of Digital Signature
o Authentication
o Non-repudiation
o Integrity
Authentication
Authentication is a process which verifies the identity of a user who wants to access
the system. In the digital signature, authentication helps to authenticate the sources
of messages.
Non-repudiation
Integrity
Integrity ensures that the message is real, accurate and safeguards from unauthorized
user modification during the transmission.
The key generation algorithm selects private key randomly from a set of possible
private keys. This algorithm provides the private key and its corresponding public
key.
2. Signing algorithm
User authentication is the first most priority while responding to the request made
by the user to the software application. There are several mechanisms made which
are required to authenticate the access while providing access to the data.
1. Kerberos :
Kerberos is a protocol that aids in network authentication. This is used for
validating clients/servers during a network employing a cryptographic key. It is
designed for executing strong authentication while reporting to applications. The
overall implementation of the Kerberos protocol is openly available by MIT and
is used in many mass-produced products.
DSS:
Digital Signature Standard (DSS) is a Federal Information Processing
Standard(FIPS) which defines algorithms that are used to generate digital
signatures with the help of Secure Hash Algorithm(SHA) for the authentication of
electronic documents. DSS only provides us with the digital signature function
and not with any encryption or key exchanging strategies.
Sender Side : In DSS Approach, a hash code is generated out of the message and
following inputs are given to the signature function –
1. The hash code.
2. The random number ‘k’ generated for that particular signature.
3. The private key of the sender i.e., PR(a).
4. A global public key(which is a set of parameters for the communicating
principles) i.e., PU(g).
These input to the function will provide us with the output signature containing
two components – ‘s’ and ‘r’. Therefore, the original message concatenated with
the signature is sent to the receiver.
Receiver Side : At the receiver end, verification of the sender is done. The hash
code of the sent message is generated. There is a verification function which
takes the following inputs –
1. The hash code generated by the receiver.
2. Signature components ‘s’ and ‘r’.
3. Public key of the sender.
4. Global public key.
The output of the verification function is compared with the signature component
‘r’. Both the values will match if the sent signature is valid because only the
sender with the help of it private key can generate a valid signature.
Benefits of advanced signature:
1.A computerized signature gives better security in the exchange. Any
unapproved individual can’t do fakeness in exchanges.
2.You can undoubtedly follow the situation with the archives on which the
computerized mark is applied.
3.High velocity up record conveyance.
4.It is 100 percent lawful it is given by the public authority approved ensuring
authority.
5.In the event that you have marked a report carefully, you can’t deny it.
6.In this mark, When a record is get marked, date and time are consequently
stepped on it.
7.It is preposterous to expect to duplicate or change the report marked carefully.
8.ID of the individual that signs.
9.Disposal of the chance of committing misrepresentation by a sham.