Unit 3

The document discusses hash functions and digital signatures, emphasizing their importance in message authentication and security. It outlines various threats to message integrity, such as modification and deception, and describes methods for ensuring authenticity, including symmetric and public key encryption, message authentication codes (MAC), and hash functions. Additionally, it covers the features, advantages, and applications of HMAC and CMAC, as well as the Digital Signature Standard (DSS) for verifying message authenticity.

Uploaded by

2022cs0136

HASH FUNCTIONS AND DIGITAL SIGNATURES

Message Authentication Requirements



Revelation: It means releasing the content of the message to someone who does not have an appropriate
cryptographic key.

Analysis of Traffic: Determination of the pattern of traffic through the duration of connection and frequency of
connections between different parties.

Deception: Adding out of context messages from a fraudulent source into a communication network. This will
lead to mistrust between the parties communicating and may also cause loss of critical data.

Modification in the Content: Changing the content of a message. This includes inserting new information or
deleting/changing the existing one.

Modification in the sequence: Changing the order of messages between parties. This includes insertion,
deletion, and reordering of messages.

Modification in the Timings: This includes replay and delay of messages sent between different parties. This
way session tracking is also disrupted.

Source Refusal: When the source denies being the originator of a message.

Destination refusal: When the receiver of the message denies the reception.
Message Authentication Functions:

Lower level: At this level, there is a need for a function that produces an authenticator, which is the value that
will further help in the authentication of a message.

Higher-level: The lower level function is used here in order to help receivers verify the authenticity of
messages.

These message authentication functions are divided into three classes:


Message encryption: While sending data over the internet, there is always a risk of a man-in-the-middle (MITM)
attack. A possible solution for this is to use message encryption. In message encryption, the data is first
converted to ciphertext and then sent. Message encryption can be done in two ways:

Symmetric Encryption: Say we have to send the message M from a source P to destination Q. This message M
can be encrypted using a secret key K that both P and Q share. Without this key K, no other person can get
the plain text from the ciphertext. This maintains confidentiality. Further, Q can be sure that P has sent the
message. This is because other than Q, P is the only party who possesses the key K and thus the ciphertext
can be decrypted only by Q and no one else. This maintains authenticity. At a very basic level, symmetric
encryption looks like this:

Public key Encryption: Public key encryption is not as advanced as symmetric
encryption as it provides confidentiality but not authentication. To provide both
authentication and confidentiality, the private key is used.

Message authentication code (MAC): A message authentication code is a security
code that the user of a computer has to type in order to access any account or
portal. These codes are recognized by the system so that it can grant access to the
right user. These codes help in maintaining information integrity. It also confirms the
authenticity of the message.

Hash function: A hash function is nothing but a mathematical function that can
convert a numeric value into another numeric value that is compressed. The input to
this hash function can be of any length but the output is always of fixed length. The
values that a hash function returns are called the message digest or hash values.
Measures to deal with these attacks:

Message Authentication: To deal with the analysis of traffic and deception issues, message
authentication is helpful. Here, the receiver can be sure of the real sender and his identity.
To do this, these methods can be incorporated:

Parties should share secret codes that can be used at the time of identity authentication.

Digital signatures are helpful in the authentication.

A third party can be relied upon for verifying the authenticity of parties.

Digital Signatures: Digital signatures provide help against a majority of these issues. With the help of digital
signatures, content, sequence, and timing of the messages can be easily monitored.
Moreover, it also prevents denial of message transmission by the source.

Combination of protocols with Digital Signatures: This is needed to deal with the denial of
messages received. Here, the use of digital signature is not sufficient and it additionally
needs protocols to support its monitoring.
HASH FUNCTION

Hash functions are a fundamental concept in computer science and play a crucial role in
various applications such as data storage, retrieval, and cryptography. A hash function
creates a mapping from an input key to an index in a hash table. Below are a few examples.

Phone numbers as input keys: Consider a hash table of size 100. A simple example hash
function is to consider the last two digits of phone numbers so that we have valid hash table
indexes as output. This amounts to taking the remainder when the input phone number is divided by
100. Note that taking the first two digits of a phone number would not be a good idea for a
hash function, as there would be many phone numbers having the same first two digits.

Lowercase English strings as keys: Consider a hash table of size 100. A simple way to hash
the strings would be to add their codes (1 for a, 2 for b, … 26 for z) and take the remainder of the
sum when divided by 100. This hash function may not be a good idea, as the strings “ad” and “bc”
would have the same hash value. A better idea would be to take a weighted sum of the characters
and then find the remainder. Refer to an example string hashing function for details.

Deterministic: A hash function must consistently produce the same output for the same input.

Fixed Output Size: The output of a hash function should have a fixed size, regardless of the size of the input.

Efficiency: The hash function should be able to process input quickly.

Uniformity: The hash function should distribute the hash values uniformly across the output space to avoid clustering.

Pre-image Resistance: It should be computationally infeasible to reverse the hash function, i.e., to find the original input
given a hash value.

Collision Resistance: It should be difficult to find two different inputs that produce the same hash value.

Avalanche Effect: A small change in the input should produce a significantly different hash value.
Applications of Hash Functions

Hash Tables: The most common use of hash functions in data structures and algorithms (DSA) is in hash tables, which provide an efficient way to store and
retrieve data.

Data Integrity: Hash functions are used to ensure the integrity of data by generating checksums.

Cryptography: In cryptographic applications, hash functions are used to create secure hash algorithms like SHA-256.

Data Structures: Hash functions are utilized in various data structures such as Bloom filters and hash sets.
Types of Hash Functions

Division Method

Multiplication Method

Mid-Square Method

Folding Method

Cryptographic Hash Functions

Universal Hashing

Perfect Hashing
Features of hash functions in system security:

One-way function: Hash functions are designed to be one-way functions, meaning that it is easy to compute the
hash value for a given input, but difficult to compute the input for a given hash value. This property makes hash
functions useful for verifying the integrity of data, as any changes to the data will result in a different hash value.

Deterministic: Hash functions are deterministic, meaning that given the same input, the output will always be the
same. This makes hash functions useful for verifying the authenticity of data, as any changes to the data will
result in a different hash value.

Fixed-size output: Hash functions produce a fixed-size output, regardless of the size of the input. This property
makes hash functions useful for storing and transmitting data, as the hash value can be stored or transmitted
more efficiently than the original data.

Collision resistance: Hash functions should be designed to be collision resistant, meaning that it is difficult to find
two different inputs that produce the same hash value. This property ensures that attackers cannot create a false
message that has the same hash value as a legitimate message.

Non-reversible: Hash functions are non-reversible, meaning that it is difficult or impossible to reverse the process
of generating a hash value to recover the original input. This property makes hash functions useful for storing
passwords or other sensitive information, as the original input cannot be recovered from the hash value.
HMAC (Hash-based Message Authentication Code)

Like a hash function, HMAC is also designed to be one-way, i.e.,
it is easy to generate the output from the input but hard to go the other way
around.

It aims at being less affected by collisions than the hash
functions.

HMAC reuses algorithms like MD5 and SHA-1 and allows the
embedded hash function to be replaced with a more secure hash
function, if one is found.

HMAC tries to handle keys in a simpler manner.

Here, H stands for Hashing function,

M is the original message

Si and So are input and output signatures respectively,

Yi is the ith block in the original message M, where i ranges over [1, L)

L = the count of blocks in M

K is the secret key used for hashing

IV is an initial vector (some constant)

The generation of input signature and output signature Si and So
respectively.

The data is initially hashed by the client using a private key before being sent to the server as
part of the request. The server then creates its own HMAC. This assures that the process is
not vulnerable to attacks, which could result in crucial data being disclosed as subsequent
MACs are generated. Additionally, once the procedure is completed, the delivered message
becomes irreversible and resistant to hackers. Even if a malicious party attempts to steal the
communication, they will be unable to determine its length or decrypt it because they do not
have the decryption key.
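
The construction behind the symbols listed above, written out as an added example (not part of the original document). It assumes SHA-256 as H and the standard HMAC definition, in which Si and So are the block-padded key XORed with the constants ipad and opad; the key, request bodies and function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64            # bytes per SHA-256 input block (the size of each Yi)
IPAD, OPAD = 0x36, 0x5C    # padding constants fixed by the HMAC definition


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC(K, M) = H(So || H(Si || M)), built step by step."""
    # K+: a key longer than one block is hashed first, then zero-padded to a block.
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    k_plus = key.ljust(BLOCK_SIZE, b"\x00")

    s_i = bytes(b ^ IPAD for b in k_plus)   # Si = K+ XOR ipad
    s_o = bytes(b ^ OPAD for b in k_plus)   # So = K+ XOR opad

    inner = hashlib.sha256(s_i + message).digest()   # hash over Si followed by Y1..YL
    return hashlib.sha256(s_o + inner).digest()      # outer hash over So and the inner digest


def client_request(key: bytes, body: bytes) -> dict:
    """Client side: compute the tag and attach it to the request."""
    return {"body": body, "tag": hmac_sha256(key, body)}


def server_accepts(key: bytes, request: dict) -> bool:
    """Server side: recompute the tag from the received body and compare.

    hmac.compare_digest runs in constant time, so the comparison does not
    leak how many leading bytes of a guessed tag were correct.
    """
    expected = hmac_sha256(key, request["body"])
    return hmac.compare_digest(expected, request["tag"])


# Constructed sample data: a shared key, a genuine request, and a copy whose
# body was altered in transit while the original tag was kept.
SHARED_KEY = b"constructed-demo-key"
REQUEST = client_request(SHARED_KEY, b"amount=100&to=alice")
TAMPERED = {"body": b"amount=900&to=alice", "tag": REQUEST["tag"]}

if __name__ == "__main__":
    print("genuine request accepted: ", server_accepts(SHARED_KEY, REQUEST))
    print("tampered request accepted:", server_accepts(SHARED_KEY, TAMPERED))
```

The tag authenticates the body but does not hide it; the request body travels in the clear unless it is encrypted separately.
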
Advantages of HMAC

HMACs are ideal for high-performance systems like routers due to the use of hash functions
which are calculated and verified quickly unlike the public key systems.

Digital signatures are larger than HMACs, yet the HMACs provide comparably higher security.

HMACs are used in administrations where public key systems are prohibited.

Disadvantages of HMAC

HMACs use a shared key, which may lead to problems with non-repudiation. If either the sender's or the receiver's key is compromised, then it will be
easy for attackers to create unauthorized messages.

Securely managing and distributing secret keys can be challenging.

Although unlikely, hash collisions (where two different messages produce the same hash) can occur.

The security of HMAC depends on the length of the secret key. Short keys are more vulnerable to brute-force attacks.

The security of HMAC relies on the strength of the chosen hash function (e.g., SHA-256). If the hash function is compromised,
HMAC is also affected.

Applications of HMAC

Verification of e-mail address during activation or creation of an account.

Authentication of form data that is sent to the client browser and then submitted back.

HMACs can be used for the Internet of Things (IoT) due to their low cost.

Whenever there is a need to reset the password, a link that can be used once is sent without adding a server state.

It can take a message of any length and convert it into a fixed-length message digest. That is even if you got a long message,
the message digest will be small and thus permits maximizing bandwidth.
Cipher-Based Message Authentication Code (CMAC)

CMAC is a block cipher-based algorithm that uses a secret key to
generate a message authentication code (MAC) for a given message.
The algorithm works by dividing the input message into fixed-length
blocks, each of which is processed by the block cipher in a special way.


The CMAC algorithm is based on the CBC-MAC (Cipher Block Chaining
Message Authentication Code) technique, which uses the block cipher
in CBC mode to generate a MAC for a given message. However, CMAC
introduces some modifications to the CBC-MAC technique to overcome
its limitations.

Key Generation: A secret key is generated by the user, which is used to
generate the MAC.

Padding: The input message is padded with zeros to ensure that its
length is a multiple of the block size.

Initialization: The algorithm initializes two block-sized vectors, denoted by
L and R. The L vector is used to generate the first MAC block, while the
R vector is used for the remaining blocks.

First Block Processing: The first block of the message is XORed with the
L vector, and the result is encrypted using the block cipher. The resulting
ciphertext is then XORed with the R vector.

Intermediate Block Processing: The remaining blocks of the
message are processed in a similar way. Each block is XORed
with the previous ciphertext, encrypted using the block cipher,
and XORed with the R vector.

Final Block Processing: After all the blocks have been processed,
the resulting ciphertext is encrypted once more using the block
cipher, and the result is XORed with the L vector to obtain the
final MAC value.

Output: The final MAC value is the output of the CMAC algorithm.
Features of CMAC:

Strong Security: CMAC provides strong security against various types of
attacks, including message forgery, replay attacks, and substitution attacks.

Fixed-Length Output: The output of the CMAC algorithm is a fixed-length
MAC, which makes it easy to compare and verify.

Efficient: CMAC is an efficient algorithm that can generate a MAC for a
given message in a short amount of time.

Key Reuse: The same key can be reused for multiple messages without
compromising the security of the MAC.

Easy Implementation: CMAC is easy to implement in software and
hardware, making it a popular choice for many applications.
Limitations of CMAC:

Limited Key Size: The security of CMAC depends on the key size used. If the key size is too
small, it can be easily brute-forced, compromising the security of the MAC. Therefore, it is
recommended to use a key size of at least 128 bits.

Vulnerability to Side-Channel Attacks: Like any cryptographic algorithm, CMAC is vulnerable
to side-channel attacks. Side-channel attacks are attacks that exploit weaknesses in the
implementation of the algorithm rather than weaknesses in the algorithm itself. Therefore, it is
important to implement CMAC correctly to prevent side-channel attacks.

Limited Block Size: CMAC has a limited block size, which means that it can only generate
MAC values for messages that are smaller than the block size. If a message is larger than
the block size, it must be divided into smaller blocks and processed separately, which can be
inefficient.

Key Management: The security of CMAC depends on the security of the key used. Therefore,
it is important to manage the keys properly to prevent unauthorized access to the key.
APPLICATIONS

Secure Communication: CMAC is used to authenticate messages in
secure communication protocols such as SSL/TLS, IPSec, and SSH.

File Integrity: CMAC is used to verify the integrity of files and ensure
that they have not been tampered with.

Digital Signatures: CMAC is used to generate digital signatures, which
are used to verify the authenticity of documents and messages.

Payment Systems: CMAC is used in payment systems such as credit
cards and electronic wallets to authenticate transactions and prevent
fraud.
Digital Signature Standard (DSS)

Sender Side: In the DSS approach, a hash code is generated out of
the message and the following inputs are given to the signature
function –

The hash code.

The random number ‘k’ generated for that particular signature.

The private key of the sender i.e., PR(a).

A global public key (which is a set of parameters for the
communicating principals) i.e., PU(g).

These inputs to the function produce an output signature containing
two components – ‘s’ and ‘r’. The original message concatenated with
the signature is then sent to the receiver.

Receiver Side: At the receiver end, verification of the sender is done.
The hash code of the sent message is generated. There is a verification
function which takes the following inputs –


The hash code generated by the receiver.

Signature components ‘s’ and ‘r’.

Public key of the sender.

Global public key.
Benefits of digital signatures

1. A digital signature gives better security in the transaction. An unauthorized person cannot commit
fraud in transactions.

2. You can easily track the status of the documents to which the digital signature is
applied.

3. High-speed document delivery.

4. It is 100 percent legal, as it is issued by a government-authorized certifying authority.

5. If you have signed a document digitally, you cannot deny it.

6. When a document is signed, the date and time are automatically stamped on it.

7. It is not possible to copy or change a document signed digitally.

8. Identification of the person who signs.

9. Elimination of the possibility of fraud by an impostor.
Digital Signature Properties

● It must verify the author and the date and time of the signature
● It must authenticate the contents at the time of the signature
● It must be verifiable by third parties, to resolve disputes
Digital Signature Requirements
● The signature must be a bit pattern that depends on the message
being signed
● The signature must use some information unique to the sender to
prevent both forgery and denial
● It must be relatively easy to produce the digital signature
● It must be relatively easy to recognize and verify the digital signature

● It must be computationally infeasible to forge a digital signature, either
by constructing a new message for an existing digital signature or by
constructing a fraudulent digital signature for a given message
● It must be practical to retain a copy of the digital signature in
storage
Direct Digital Signature
● Refers to a digital signature scheme that involves only the
communicating parties. It is assumed that the destination knows the public
key of the source


● Confidentiality can be provided by encrypting the entire message plus signature with
a shared secret key
● It is important to perform the signature function first and then an outer
confidentiality function
● In case of dispute some third party must view the message and its
signature
● The validity of the scheme depends on the security of the sender’s private key
● If a sender later wishes to deny sending a particular message, the sender can claim that the private key
was lost or stolen and that someone else forged his or her signature


● One way to thwart or at least weaken this ploy is to require every signed message to include a timestamp
and to require prompt reporting of compromised keys to a central authority
Elgamal DS
● Scheme involves the use of the private key for encryption and the public key for decryption
● Global elements are a prime number q and a, which is a primitive root of q
● Use private key for decryption (verification)
● Uses public key for encryption (signing)
Elliptic Curve Digital Signature Algorithm


Key Pair: ECDSA uses a private key and a corresponding
public key, derived from the private key using elliptic curve
operations.

Signing: The private key is used to sign a message, creating
a digital signature.

Verification: The public key is used to verify the signature,
ensuring the message's authenticity and integrity.

Advantages:

Efficiency: ECDSA requires smaller keys than RSA to achieve the same level of security, leading to faster
computations and smaller storage requirements.

Security: The security of ECDSA is based on the difficulty of the elliptic curve discrete logarithm problem, which is
considered more computationally challenging than the problems that RSA relies on.

Applications:

ECDSA is widely used in various applications, including:

Blockchain: Bitcoin and other cryptocurrencies use ECDSA for transaction signing and verification.

Secure Communication: ECDSA is used in Transport Layer Security (TLS) for encrypting connections between
web browsers and web applications.

Digital Signatures: ECDSA is used to create and verify digital signatures for various documents and data.

Example:

In Bitcoin, Bitcoin addresses serve as public keys, and ECDSA is used to sign and verify transactions.
RSA DSS

The message digest (MD1) was encrypted using A’s private key to produce a digital signature.
Therefore, the digital signature can be decrypted using A’s public key (due to the asymmetric form
of RSA). If the receiver B is able to decrypt the digital signature using A’s public key, it means
that the message was received from A itself, and A cannot deny having sent the
message. It also proves that the original message was not tampered with, because when the receiver B
computed its own message digest MD2, it matched A’s MD1. Suppose a malicious
user tries to access the original message and perform some alteration.


Now he/she will calculate a new message digest over the altered message. It might concern
you with data integrity and confidentiality but here’s the catch. The attacker will have to sign
the altered message using A’s private key in order to pose as A for the receiver B. However, an
attacker cannot sign the message with A’s private key because it is known to A only. Hence, the
RSA signature is quite strong, secure, and reliable.
Attacks on RSA Digital Signature

Chosen-message Attack – In the chosen-message attack, the attacker creates two different messages,
M1 and M2, and somehow manages to persuade the genuine user to sign both messages using the
RSA digital-signature scheme. The attacker then computes
a new message M = M1 x M2 and claims that the genuine user has signed message M.

Key-only Attack – In this attack, the assumption is that the attacker has access to the genuine user's public
key and tries to get a message and digital signature. The attacker then tries to create another
message MM such that the same signature S looks to be valid on MM. However, it is not an easy attack
to launch since the mathematical complexity behind it is quite high.

Known-message Attack – In a known-message attack, the attacker tries to use a feature of RSA
whereby two different messages having two different signatures can be combined so that their
signatures also combine. To take an example, let us say that we have two different messages M1 and
M2 with respective digital signatures S1 and S2. Then if M = (M1 x M2) mod n, mathematically S =
(S1 x S2) mod n. Hence, the attacker can compute M = (M1 x M2) mod n and then S = (S1 x S2) mod n
to forge a signature.
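
The multiplicative relation S = (S1 x S2) mod n described above, and the reason signing a message digest (as in the RSA DSS section) removes it, shown as an added example that is not part of the original document. The key is a constructed toy key built from two Mersenne primes and is not secure; the function names and the sample messages M1 and M2 are assumptions of this example.

```python
import hashlib

# Constructed toy RSA key (about 150 bits); real keys are 2048 bits or more.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent


def sign_textbook(m: int) -> int:
    """Signs the message value itself: S = M^d mod n."""
    return pow(m, D, N)


def verify_textbook(m: int, s: int) -> bool:
    return pow(s, E, N) == m % N


def digest_int(m: int) -> int:
    """Message digest of the encoded message, reduced into the range of n."""
    data = m.to_bytes((m.bit_length() + 7) // 8 or 1, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign_hashed(m: int) -> int:
    """Signs the digest instead of the message: S = H(M)^d mod n."""
    return pow(digest_int(m), D, N)


def verify_hashed(m: int, s: int) -> bool:
    return pow(s, E, N) == digest_int(m)


def combine(m1: int, s1: int, m2: int, s2: int):
    """The combination from the text: M = (M1 x M2) mod n, S = (S1 x S2) mod n."""
    return (m1 * m2) % N, (s1 * s2) % N


# Constructed sample messages, encoded as integers smaller than n.
M1, M2 = 1234567, 7654321


def forgery_results():
    """Returns (accepted without hashing, accepted with hash-then-sign)."""
    m, s = combine(M1, sign_textbook(M1), M2, sign_textbook(M2))
    textbook_accepts = verify_textbook(m, s)

    # With hash-then-sign the product of signatures equals
    # (H(M1) x H(M2))^d mod n, which does not match H(M1 x M2).
    m, s = combine(M1, sign_hashed(M1), M2, sign_hashed(M2))
    hashed_accepts = verify_hashed(m, s)
    return textbook_accepts, hashed_accepts


if __name__ == "__main__":
    print(forgery_results())
```

Deployed RSA signature schemes go further than a bare hash and apply a structured padding of the digest before exponentiation, which this toy version leaves out.
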
NIST DSA

M = Message or Plaintext

H = Hash Function

|| = Group the plaintext and hash function (hash digest)

E = Encryption Algorithm

D = Decryption Algorithm

PUa = Public key of sender

PRa = Private key of sender

Sig = Signature function

Ver = Verification function

PUG = Global public Key

User Private Key (PR): A secret cryptographic key only possessed by the user, used to sign
messages. The private key must be kept secret and secure because it proves that a
given user is genuine.

User Public Key (PU): A publicly known key that can be shared with anyone, used for signature
verification. It is used to verify digital signatures created with the corresponding private key.

Signing (Sig): Signing involves creating a digital signature with the help of a user's private key.
In case of DSA, this process requires mathematical operations to be performed on the message
that should be signed using a given private key in order to generate a unique signature for that
message.

Verifying (Ver): Verifying is the process of checking whether or not a digital signature has been
forged, using its corresponding public key. In DSA, this involves comparing the message's hash
against the verification value through mathematical operations between two binary strings – one
representing an encrypted data and another one representing plain-text original message.
Services Provided By DSA

Message Authentication: A secure digital signature scheme, like a secure conventional signature
(one that cannot be easily copied), can provide message authentication (also referred to as data-
origin authentication). Bob can easily confirm that the plaintext/message was sent by Alice, as
Alice’s public key is used for verification and Alice’s public key would not verify a signature
signed with Eve’s private key. Hence, a digital signature provides message authentication.

Message Integrity: When we sign a whole message, its integrity remains intact because if the
message changes, we won't get the same signature. Nowadays, digital signature methods use a
special function called a hash function in both signing and verifying to ensure the message's
integrity.

Nonrepudiation: If Alice signs a message and later claims she didn't, can Bob provide evidence
that she did? For example, if Alice instructs a bank (Bob) to transfer $10,000 to Ted's account
and then denies sending the message, Bob needs to keep the signed message and use Alice's
public key to recreate it.

Authentication: At some point, digital signatures ensure strong identity authentication for the sender. The recipient can be sure
that the message or document was signed by the purported signatory.

Integrity: Digital signatures ensure the integrity of the content. If something is altered in the content after the signature is made,
then it becomes invalid with respect to verifying the content.

Non-Repudiation: A digital signature gives non-repudiation, meaning the sender cannot disclaim his creation of that document
post factum. Most relevant in legal and contractual issues.

Efficiency: Digital signatures make the process of signing electronic and automate it, giving way to fast online transactions free
from the need of manual verification, paperwork, and a physical signature.

Security: As long as the whole digital signing process is well organized, digital signatures may prove to be secure.
Public key cryptography and hashing algorithms prevent unauthorized parties from forging digital signatures.

World Acceptance: Such a mechanism (digital signatures) to represent the conclusion of the related transaction in case of
legal or contractual terms is known and widely accepted all over the world.

Timestamping: Timestamping adds another layer of security against replay attacks and supports the freshness of the
signature.

Cost Savings: The digital signing process removes the need for transporting documents, thereby saving on the costs of
printing, courier services, and manual handling.
Disadvantages of DSA

Key Management Complexity: Cryptographic keys that are used for signing documents must be properly managed. Generating,
storing, and distributing keys in a secure manner are all complicated procedures that need to be attended to, and revocation has
to be handled carefully.

Infrastructure Dependence: Digital signatures are built on a secure and reliable infrastructure of Public Key Infrastructure (PKI)
and Certificate Authorities. If the infrastructure is compromised or becomes unavailable, it may compromise trust in digital
signatures.

Legal and Regulatory Challenges: Although many people are increasingly using digital signatures, there might still be legal and
regulatory challenges in some places. It will be very important to observe local laws and standards.

Initial Setup Costs: A proper setup of an extensive digital signature system may include the cost of obtaining
digital certificates, putting safety measures in place, and training the users.

Offline Usability: Without access to the signer's private key, using digital signatures becomes a challenge.
Solutions such as hardware tokens and secure elements add to the complexity.

User Education: Users need to be educated in the proper application and value of digital signatures.
Taking the correct measures against vulnerabilities, as well as being aware of any possible threat, is
important for successful implementation.

Vulnerability to Key Compromise: Private keys need to be safeguarded from unauthorized access since one compromised
private key can initiate fraudulent signatures.
