CHAPTER 11 Cryptographic Hash Functions

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc.,
publishing as Prentice Hall, 2017. 1
 ● Summarize the
applications of
LEARNING OBJECTIVES cryptographic hash
- part I functions.
● Explain why a hash
function used for
Upon completion of this material, you
should be able to: message authentication
needs to be secured.

2
LEARNING OBJECTIVES ● Present an overview of
- part II the basic structure of
cryptographic hash
functions.
Upon completion of this material, you
should be able to:

3
Hash Functions
● Condenses arbitrary
messages to fixed sizes.
h = H(M)
● Usually assume hash
function is public.
● Used to detect changes to
message.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
4
Source: William Stallings, Cryptography
and Network Security: Principles and
Practice, 7th Edition, published by
Pearson Education, Inc., publishing as
Prentice Hall, 2017. 5
Source: William Stallings,
Cryptography and Network
Security: Principles and Practice,
7th Edition, published by Pearson
Education, Inc., publishing as
Prentice Hall, 2017.
6
A cryptographic hash function**:
● Computationally infeasible to find data mapping to
specific hash (one-way property).

● Computationally infeasible to find two data to same

hash (collision-free property).

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
7
Hash Functions and Message Authentication
● Hash functions can be used to provide message
authentication in several ways:

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
8
#1: The message plus concatenated hash code is
encrypted using symmetric encryption.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
9
**

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
10
● Because only A and B share the secret key, the
message must have come from A and has not been
altered. The hash code provides the structure or
redundancy required to achieve authentication.
● Because encryption is applied to the entire message
plus hash code, confidentiality is also provided.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
11
#2: Only the hash code is encrypted, using symmetric
encryption. This reduces the processing burden for those
applications that do not require confidentiality.
**

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
12
Message Authentication Code (MAC)
● More commonly, message authentication is achieved
using a message authentication code (MAC), also
known as a keyed hash function.

● Typically, MACs are used between two parties that

share a secret key to authenticate information
exchanged between those parties.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
13
● A MAC* function takes as input a secret key and a
data block and produces a hash value, referred to as
the MAC, which is associated with the protected
message.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
14
● Note that the combination of hashing and
encryption results in an overall function that is, in
fact, a MAC (Figure 11.3b):

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
15
● If the integrity of the message needs to be checked, the
MAC function can be applied to the message and the
result compared with the associated MAC value. An
attacker who alters the message will be unable to
alter the associated MAC value without knowledge
of the secret key*.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
16
Hash Functions and Digital Signatures
● The operation of the digital signature is similar to that
of the MAC.

● In the case of the digital signature, the hash value of a

message is encrypted with a user’s private key*.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
17
● Anyone who knows the user’s public key can verify the
integrity* of the message that is associated with the
digital signature.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
18
**

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017. 19
Other Uses of Hash Functions
● To create a one-way password file
○ store hash of a password not the actual password

● For intrusion detection and virus detection

○ Keep and check hash of files on system

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
20
● Construct a pseudorandom function (PRF) or a
pseudorandom number generator (PRNG).

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
21
A Simple Insecure Hash Functions
A simple hash function takes the bit-by-bit exclusive-OR
(XOR) of every block. This is a longitudinal redundancy
check (but not a secure hash function):
Ci = bi1 ⊕ bi2 ⊕ … ⊕ bim

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
22
 Ci = bi1 ⊕ bi2 ⊕ … ⊕ bim
where
Ci = ith bit of the hash code, 1 <= i <= n
m = number of n-bit blocks in the input
bij = ith bit in jth block
⊕ = XOR operation
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
23
Requirements of a Cryptographic Hash Function
Q: Does the earlier example of a ‘simple hash function’
meet the following requirements?

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
24
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
25
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
26
To summarize, for a hash code of length m, the level of
effort required:

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
27
Secure Hash Algorithm (SHA) - optional
● Watch “SHA: Secure Hashing Algorithm -
Computerphile”,
https://www.youtube.com/watch?v=DMtFhACPnTY

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
28
Revised Secure Hash Algorithm
● Revised version SHA-2 includes SHA-224, … , SHA-512.

● Designed for compatibility with increased security

provided by AES cipher.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
29
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
30
**

Source: William Stallings, Cryptography and

Network Security: Principles and Practice, 7th
Edition, published by Pearson Education, Inc.,
publishing as Prentice Hall, 2017.
31
SHA-3 Requirements
● A replacement for SHA-2 (use same hash sizes): SHA-3
in 2015 (Keccak).
● Must process small blocks (512/1024 bits)

● Security → close to theoretical maximum for hash size

● Efficient → time and memory
● Characteristics → flexibility and simplicity
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
32
 CHAPTER 13 Digital Signatures

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc.,
publishing as Prentice Hall, 2017. 33
 ● Present an overview
of the digital signature
process.
LEARNING OBJECTIVES
● Understand the NIST
Upon completion of this material, you
digital signature
should be able to:
scheme.

34
Digital
Signature
Process

Source: William Stallings, Cryptography and Network

Security: Principles and Practice, 7th Edition, published by
Pearson Education, Inc., publishing as Prentice Hall, 2017.
35
● In situations where there isn’t complete trust between
sender and receiver, something more than simple
authentication (via MAC) is needed. The most
attractive solution to this problem is the digital
signature.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
36
 ● Makeup lectures on
Monday 22/4/2024
Agenda
Week 7 ● Quiz 1, 2, and 5
should be completed
by now!

37
Digital Signature Requirements
● #1: The signature must be a bit pattern that depends
on the message being signed.*

● #2: The signature must use some information only

known to the sender to prevent both forgery and
denial.*

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
38
● #3: It must be relatively easy to produce the digital
signature.*

● #4: It must be relatively easy to recognize and verify

the digital signature.*

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
39
● #5: It must be computationally infeasible to forge* a
digital signature, either by:
○ constructing a new message for an existing digital
signature or
○ constructing a fraudulent digital signature for a
given message.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
40
● #6: It must be practical to retain a copy of the digital
signature in storage*.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
41
● The validity of the scheme just described depends on
the security of the sender’s private key.

● If a sender later wishes to deny sending a particular

message, the sender can claim that the private key was
lost or stolen and that someone else forged his/her
signature.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
42
Solution → use digital certificate and certificate
authorities*
● Apart from other administrative controls, require:
○ every signed message should include a timestamp
(date and time) and
○ prompt reporting of compromised keys to a
central authority.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
43
NIST Digital Signature Scheme
● Standard: Digital Signature Standard (DSS)
● Algorithm: Digital Signature Algorithm (DSA)

● Makes use of the Secure Hash Algorithm (SHA)

● It incorporates digital signature algorithms based on
RSA and variants of elliptic curve cryptography.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
44
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
45
Digital Signature Algorithm (DSA)
● Create a 320-bit signature with 512 to 2,048-bit keys.

● A digital signature scheme only. It cannot be used for

encryption or key exchange.
● Security depends on difficulty of computing discrete
logarithms.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
46
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
47
DSA approach:The hash code is provided as input to a
signature function along with a random number k
generated for this particular signature.

Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
48
● The signature function also depends on the sender’s
private key (PRa) and a set of parameters known to a
group of communicating principals. We can consider
this set to constitute a global public key (PUG).

● The result is a signature consisting of two

components, labeled s and r.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
49
● At the receiving end, the hash code of the incoming
message is generated. The hash code and the signature
are inputs to a verification function.

● The verification function also depends on the global

public key as well as the sender’s public key (PUa),
which is paired with the sender’s private key.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
50
● The output of the verification function is a value that is
equal to the signature component r if the signature is
valid.

● The signature function is such that only the sender,

with knowledge of the private key, could have
produced the valid signature.
Source: William Stallings, Cryptography and Network Security: Principles and Practice, 7th Edition, published by Pearson Education, Inc., publishing as Prentice Hall, 2017.
51
Activity from Cybersecurity Essentials Course
● 5.2.2.4 Lab - Using Digital Signatures

● Complete Quiz for Chapter 5: The Art of Ensuring

Integrity

52