11.5 Cryptographic Hash Function Criteria

A cryptographic hash function is a function that takes an input (or "message") and returns a
xed-size string of characters, which is typically a hash value or digest. The function must
satisfy several important criteria to ensure its effectiveness and security:
Deterministic:
The same input will always produce the same hash output.
Fast Computation:
It should be quick to compute the hash value for any given input, making
it suitable for various applications, such as digital signatures or le
integrity checks.
Pre-image Resistance:
Given a hash value, it should be computationally infeasible to reverse-
engineer or nd the original input that produced the hash value. This
ensures that attackers cannot retrieve the original document from its hash.
Second Pre-image Resistance:
It should be infeasible to nd two different inputs that produce the same
hash value. This ensures that no two different documents will have the
same hash, preventing collisions.
Collision Resistance:
It should be computationally infeasible to nd two distinct inputs that
hash to the same output (a collision). This ensures the uniqueness of the
hash value.
Avalanche Effect:
A small change in the input should result in a signi cantly different hash
output. This ensures that even the smallest modi cation in the document
leads to a completely different ngerprint, enhancing security.
Uniform Distribution:
The hash values should be uniformly distributed across the output space,
minimizing the chances of collisions and ensuring randomness in the
hash values.
fi

fi
fi
fi
fi
fi
fi
fi
 Digital Signature Process Digital Signature Services Types of Digital Signature Schemes
1. RSA Digital Signature Scheme
Signing: The sender signs the message using a signing A digital signature provides several security services: Key Generation: Uses private and public keys. The private key d
algorithm. 1. Message Authentication is used for signing, and the public key (e, n) is used for
Transmission: The message and its digital signature are veri cation.
Veri es the sender's identity. Signing Process: The message is signed using the private key.
sent to the recipient. Ensures the authenticity of the message. Veri cation: The recipient uses the public key to verify the
signature.
Veri cation: The recipient applies a verifying algorithm 2. Message Integrity Example: Alice signs a message M using her private key, and
to con rm the message's authenticity. If veri cation fails, Ensures the message hasn't been altered during Bob uses her public key to verify the signature.
the message is rejected. 2. ElGamal Digital Signature Scheme
transmission. Key Generation: Involves selecting a prime number p and a
Need for Keys The message will not match the original signature if public key pair (e1, e2 ,p )The private key is d.
Private and Public Keys: A digital signature requires modi ed. Signing Process: Alice signs the message using her private key d
Veri cation: The recipient calculates values based on the public
both a private key (used for signing) and a public key 3. Nonrepudiation key and checks if they match the signature.
(used for veri cation). Ensures that the sender cannot deny sending the
3. Schnorr Digital Signature Scheme
Key Generation: Involves selecting primes p and q. The public key
Key Usage: The private key belongs to the signer, while message. consists of (e1,e2,p,q).
the public key is used by the veri er to check the Achieved by using a trusted party to manage veri cation. Signing Process: Alice generates a random number r and
signature. calculates the signature using the private key d.
4. Con dentiality Veri cation: The recipient checks if the signature matches the
Signing the Digest A digital signature does not provide con dentiality. expected value.
Instead of signing the entire message, digital signatures 4. Digital Signature Standard (DSS)
If con dentiality is needed, encryption must be applied Key Generation: Involves selecting primes p and q. Alice generates a
typically involve signing a hash (digest) of the message. in addition to the digital signature. public key (e1, e2, p, q) and a private key d.
Signing Process: Alice signs the message with her private key.
This enhances ef ciency. Veri cation: Bob veri es the signature using Alice’s public key.

15-1 Symmetric-Key Distribution 15-2 Kerberos 15-4 Public-Key Distribution

Symmetric-key cryptography is more e cient for encrypting large Kerberos is an authentication protocol and also functions as a Key- Public-key cryptography involves each user having a public key
messages compared to asymmetric-key cryptography. However, Distribution Center (KDC). It is used to authenticate users in a network (available to everyone) and a private key (known only to the user). This
the major issue with symmetric-key cryptography is the and has been widely adopted by systems like Windows 2000. allows secure communication without the need for shared keys.
distribution of keys, as both parties need a shared secret key. Kerberos Servers: 15.4.1 Public Announcement
15.1.1 Key-Distribution Center (KDC) Authentication Server (AS): Authenticates users. A user can announce their public key publicly, but the security depends on
KDC is used to manage and distribute keys securely. Ticket-Granting Server (TGS): Issues tickets for accessing the trustworthiness of the announcement.
A Key-Distribution Center generates secret keys for each member, real servers. 15.4.2 Trusted Center
but these keys are used only between the member and the KDC, not Real Servers: Provide services to authenticated users. A trusted center acts as a mediator to authenticate users and verify their
between two members. Version 5 Enhancements: public keys.
KDC can either be at (with multiple KDCs) or hierarchical, where Longer ticket lifetime. 15.4.3 Controlled Trusted Center
one main KDC oversees others. Ticket renewal. A controlled trusted center is a trusted entity that manages the
15.1.2 Session Keys Supports any symmetric-key algorithm. distribution and validation of public keys in a controlled environment.
Session keys are symmetric keys used between two parties for one Improved protocol for data types. 15.4.4 Certi cation Authority
session and are discarded after use. The key idea is to use a More overhead compared to version 4. A Certi cation Authority (CA) is a trusted third party responsible for
temporary key for each session to minimize risks. 15-3 Symmetric-Key Agreement issuing certi cates that validate the identity of users and bind them to their
The Needham-Schroeder Protocol and Otway-Rees Protocol are Symmetric-key agreement allows two parties to generate a shared secret public keys.
two well-known protocols used for secure session key generation without a KDC. One famous method is the Di e-Hellman Key 15.4.5 X.509
and exchange. Agreement. X.509 is a standard for de ning the format of public-key certi cates.
10-5 Di e-Hellman Key Exchange Algorithm The Di e-Hellman method involves modular exponentiation to compute Certi cate Renewal: A certi cate may need renewal before it expires.
Di e-Hellman allows two parties to securely exchange a key, a shared key: Certi cate Revocation: A certi cate can be revoked if compromised, and
which can then be used for subsequent asymmetric encryption of Both Alice and Bob choose a private number and compute a delta certi cate revocation lists (CRL) are used to e ciently manage
messages. public number. revocation.
The procedure involves both parties generating and exchanging They exchange their public numbers, then compute the 15.4.6 Public-Key Infrastructures (PKI)
public values, then computing the shared key independently. same shared key using their private number and the A PKI is an infrastructure that manages and supports the use of public
Security: Vulnerabilities include discrete logarithm attacks and received public number. keys.
man-in-the-middle attacks. Example: Trust Models:
K = g^{xy} \mod p Hierarchical model: A root CA signs intermediate CAs,
Security: Vulnerabilities include man-in-the-middle attacks, where an which then sign end-entity certi cates.
attacker intercepts and alters the key exchange. Web Browsers and Roots: Browsers like Netscape and
Internet Explorer maintain a list of trusted root certi cates
from which users can select a trusted CA.

ffi
fi
fi
fi
fi
fi
fi
fi
fi
fi
ffi
fi
fi
fi
fi
fi
ffi
fi
fi
fi
fi
fl
fi
fi
fi
fi
fi
fi
fi
ffi
ffi
fi
fi
ffi
fi
fi
fi