NS Unit 3
Authentication
This unit covers the essential authentication requirements for securing systems
and applications. It aims to provide a comprehensive overview of the best practices
and standards that should be implemented to ensure robust authentication
mechanisms. By adhering to these requirements, organizations can strengthen their
security posture and protect sensitive data from unauthorized access.
Authentication Requirements
1. User Identification
🔹 Example:
• When you create an account on Facebook or Gmail, your email ID or username is unique.
• Email Verification: When signing up, you receive a verification email with a link. Your account is not activated until you click the link, ensuring that the email belongs to you.
2. Password Policies
🔹 Example:
• If you enter the wrong password 5 times on a banking website, your account gets locked for 15 minutes.
• Some systems require an admin to unlock the account.
5. Session Management
7. User Education
🔹 Example:
• Employees are taught not to click on unknown email links that might be phishing scams.
• Users are encouraged to use password managers to store complex passwords securely.
Authentication Functions
Message Authentication Codes (MACs)
🔹 Example:
An attacker intercepts Alice’s message and changes it to:
📩 "Transfer $5000 to account XYZ."
When Bob computes the MAC, it will be different from
the MAC received. Bob will reject the message as it is not
authentic.
Why is MAC Important?
✅ 2. Ensures Authentication
Only those who know the secret key can generate a valid
MAC.
🔹 Example:
If a hacker tries to create a fake message, they cannot
generate a correct MAC because they do not have the
secret key.
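The check Bob performs in the examples above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as the MAC (the slides do not name a construction), a constructed original message, and illustrative function names.

```python
import hashlib
import hmac
import secrets


def make_tag(key: bytes, message: bytes) -> bytes:
    """Sender (Alice): compute an HMAC-SHA256 tag over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver (Bob): recompute the tag and compare in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    shared_key = secrets.token_bytes(32)       # secret known only to Alice and Bob
    wrong_key = secrets.token_bytes(32)        # anyone without the shared key
    original = b"Transfer $500 to account ABC."   # constructed sample message
    altered = b"Transfer $5000 to account XYZ."   # altered message from the slide

    tag = make_tag(shared_key, original)
    return {
        "genuine message, genuine tag": verify(shared_key, original, tag),
        "altered message, original tag": verify(shared_key, altered, tag),
        "altered message, tag made without the key":
            verify(shared_key, altered, make_tag(wrong_key, altered)),
        "genuine message, truncated tag": verify(shared_key, original, tag[:16]),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Only the first case is accepted; the comparison uses `hmac.compare_digest` so that the time taken does not reveal how many leading bytes of a submitted tag were correct.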
MD5
How MD5 Works (Step-by-Step with Example)
Why is MD5 Considered Weak? (Collision Example)
Even though the messages are different, the hashes are the
same! This makes MD5 unsafe for cryptographic security.
MD5 Message Digest Algorithm
Where is MD5 Still Used?
Although MD5 is not secure for cryptographic use, it is still used for:
✔ File Integrity Checks – Checking if a file is
corrupted or modified.
✔ Non-Security Applications – Storing checksums
for data validation.
🔹 Example:
When you download a software file, the website
might provide an MD5 hash. After downloading,
you can recompute the MD5 hash of the file.
• If the hash matches, the file is not corrupted.
• If it doesn’t match, the file has been modified or is corrupted.
Secure Hash Algorithm (SHA)
The Secure Hash Algorithm (SHA) family includes several
hash functions, with SHA-1, SHA-256, and SHA-3 being
the most notable. SHA-1 produces a 160-bit hash, while
SHA-256 generates a 256-bit hash. SHA-2 and SHA-3 are
more secure than MD5 and SHA-1, making them suitable
for cryptographic applications.
What is SHA (Secure Hash Algorithm)?
SHA (Secure Hash Algorithm) is a family of cryptographic
hash functions used for data integrity and security. It
takes an input (message) and generates a fixed-length
hash (digest) that uniquely represents the input.
SHA is commonly used in:
✔ Password hashing (storing passwords securely)
✔ Digital signatures (verifying authenticity)
✔ Data integrity checks (ensuring no data tampering)
Types of SHA Algorithms
✅ SHA-1
• Produces a 160-bit hash (40 hexadecimal characters)
• No longer secure due to collision attacks
• Example: "hello" → f572d396fae9206628714fb2ce00f72e94f2258f
SHA
• More secure than SHA-1
• Commonly used in blockchain (e.g., Bitcoin), SSL certificates, and digital security
• Example: "hello" → 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
✅ SHA-3
• Latest SHA version, introduced for higher security
• More resistant to attacks than SHA-1 and SHA-2
• Used in modern cryptographic applications
How Does SHA Work? (Example)
🔹 Step 1: Take an Input Message
📩 "Hello, World!"
🔹 Step 2: Apply SHA-256 Hash Function
After applying SHA-256, we get:
🔹 Hash Output:
a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b53f6e8b32ad18692
🔹 Step 3: Hash Output is Always Fixed
No matter how many times you hash "Hello, World!", the
output will always be the same.
🔹 Step 4: Even a Small Change Produces a Completely Different Hash
📩 Message: "hello, world!" (small difference in capitalization)
🔹 SHA-256 Hash:
09ca7e4eaa6e8ae9c7d261167129184883644d0745a1a608e00fd17f4e6f5f72