Summary for Slides

1. Overview of Hash Functions

Definition of Hash Functions

 Hash functions are mathematical algorithms.

 They generate a message summary or digest (fingerprint).

Purpose

 Confirm the identity of a specific message.

 Ensure there have not been any changes to the content.

Characteristics

 Do not create ciphertext.

 Confirm message identity and integrity.

Role in E-Commerce

 Critical function for security and data integrity.

Hash Algorithm

 Public functions that create a hash value.

 Convert variable-length messages into a fixed-length value.

2. Characteristics of Hash Functions

 No Keys Required

 Hashing functions do not require keys.

 However, a message authentication code (MAC) can be attached.

 One-Way Function

 Hash functions are one-way and cannot be reversed.

 Use in Password Verification

 Used to confirm user identity in authentication systems.

 The hash value (message digest) is created from the original password.
  Stored hash values are later used for comparison during login.

3. Secure Hash Standard (SHS) and Hash Algorithms

 Standard issued by NIST, defined in FIPS 180-1.

SHA-1

 Secure algorithm for a condensed representation of a message.

 Produces a 160-bit message digest for digital signatures.
 Based on MD4 principles, part of the MDx family by Ronald Rivest.

New Hash Algorithms

 SHA-256, SHA-384, SHA-512 proposed by NIST.

 Standards for 128, 192, 256 bits.
 More bits = stronger collision resistance.

SHA-256

 256-bit block cipher algorithm.

 Encrypts intermediate hash value, using message block as key.
 Compression function on 512-bit blocks → 256-bit digest.

4. Rainbow Cracking Attack and Password Protection

 Rainbow cracking is an attack that uses precomputed hash tables (rainbow tables) to
quickly crack passwords.
 Defense mechanisms:
o Protect hashed password files.
o Limit login attempts.
o Salting: Adds random data to the hash function, making rainbow tables
ineffective.

5. Cryptographic Hash Function

Definition

 A hash function that takes an arbitrary block of data and returns a fixed-size bit
string (hash value).
 Any accidental or intentional change to the data alters the hash value.

Characteristics
  Easy to compute the hash for any message.
 Infeasible to generate a message with a specific hash.
 Infeasible to modify a message without changing its hash.
 Infeasible to find two different messages with the same hash.

Applications

 Used in digital signatures, message authentication codes (MACs), and

authentication.
 Helps in indexing data, fingerprinting, detecting duplicates, and checksums.
 In security, cryptographic hash values are known as digital fingerprints or checksums.