UNIT-4

CRYPTOGRAPHIC DATA INTEGRITY

ALGORITHM
 APPLICATION OF HASH FUNCTION

1.DATABASE INDEXING: HASHING IS USED TO INDEX AND RETRIEVE DATA

EFFICIENTLY IN DATABASES AND OTHER DATA STORAGE SYSTEMS.
2.PASSWORD STORAGE: HASHING IS USED TO STORE PASSWORDS SECURELY BY
APPLYING A HASH FUNCTION TO THE PASSWORD AND STORING THE HASHED
RESULT, RATHER THAN THE PLAIN TEXT PASSWORD.
3.DATA COMPRESSION: HASHING IS USED IN DATA COMPRESSION ALGORITHMS,
SUCH AS THE HUFFMAN CODING ALGORITHM, TO ENCODE DATA EFFICIENTLY.
4.SEARCH ALGORITHMS: HASHING IS USED TO IMPLEMENT SEARCH ALGORITHMS,
SUCH AS HASH TABLES AND BLOOM FILTERS, FOR FAST LOOKUPS AND QUERIES.
5.CRYPTOGRAPHY: HASHING IS USED IN CRYPTOGRAPHY TO GENERATE DIGITAL
SIGNATURES, MESSAGE AUTHENTICATION CODES (MACS), AND KEY DERIVATION
FUNCTIONS.
 APPLICATION OF HASH FUNCTION

1.LOAD BALANCING: HASHING IS USED IN LOAD-BALANCING

ALGORITHMS, SUCH AS CONSISTENT HASHING, TO DISTRIBUTE REQUESTS
TO SERVERS IN A NETWORK.
2.BLOCKCHAIN: HASHING IS USED IN BLOCKCHAIN TECHNOLOGY, SUCH
AS THE PROOF-OF-WORK ALGORITHM, TO SECURE THE INTEGRITY AND
CONSENSUS OF THE BLOCKCHAIN.
3.IMAGE PROCESSING: HASHING IS USED IN IMAGE PROCESSING
APPLICATIONS, SUCH AS PERCEPTUAL HASHING, TO DETECT AND
PREVENT IMAGE DUPLICATES AND MODIFICATIONS.
4.FILE COMPARISON: HASHING IS USED IN FILE COMPARISON
ALGORITHMS, SUCH AS THE MD5 AND SHA-1 HASH FUNCTIONS, TO
COMPARE AND VERIFY THE INTEGRITY OF FILES.
SHA (SECURE HASH ALGORITHM)

• SHA-1 or Secure Hash Algorithm 1 is a cryptographic algorithm which

takes an input and produces a 160-bit (20-byte) hash value. This hash
value is known as a message digest. This message digest is usually
then rendered as a hexadecimal number which is 40 digits long. It is a
U.S. Federal Information Processing Standard and was designed by
the United States National Security Agency. SHA-1 is now considered
insecure since 2005. Major tech giants browsers like Microsoft,
Google, Apple and Mozilla have stopped accepting SHA-1 SSL
certificates by 2017
HMAC (MAC BASED ON HASH FUNCTION)

• HMAC (Hash-based Message Authentication Code) is a type of a message

authentication code (MAC) that is acquired by executing a cryptographic hash
function on the data (that is) to be authenticated and a secret shared key. Like
any of the MAC, it is used for both data integrity and authentication. Checking
data integrity is necessary for the parties involved in communication. HTTPS,
SFTP, FTPS, and other transfer protocols use HMAC. The cryptographic hash
function may be MD-5, SHA-1, or SHA-256. Digital signatures are nearly similar
to HMACs i.e they both employ a hash function and a shared key. The
difference lies in the keys i.e HMACs use symmetric key(same copy) while
Signatures use asymmetric (two different keys).
HMAC (MAC BASED ON HASH FUNCTION)

1.Select K.
If K < b, pad 0’s on left until k=b. K is between 0 and b ( 0 < K < b )
2.EXOR K+ with ipad equivalent to b bits producing S1 bits.
3.Append S1 with plain text M
4.Apply SHA-512 on ( S1 || M )
5.Pad n-bits until length is equal to b-bits
6.EXOR K+ with opad equivalent to b bits producing S2 bits.
7.Append S2 with output of step 5.
8.Apply SHA-512 on step 7 to output n-bit hashcode.
 HMAC (MAC BASED ON HASH FUNCTION)
Advantages
• HMACs are ideal for high-performance systems like routers due to the use
of hash functions which are calculated and verified quickly unlike the
public key systems.
• Digital signatures are larger than HMACs, yet the HMACs provide
comparably higher security.
• HMACs are used in administrations where public key systems are
prohibited.

Disadvantages
• HMACs uses shared key which may lead to non-repudiation. If either
sender or receiver’s key is compromised then it will be easy for attackers
to create unauthorized messages.
DIGITAL SIGNATURE
1.Key Generation Algorithms: Digital signature is electronic signatures, which assure that the
message was sent by a particular sender. While performing digital transactions authenticity and
integrity should be assured, otherwise, the data can be altered or someone can also act as if he was
the sender and expect a reply.
2.Signing Algorithms: To create a digital signature, signing algorithms like email programs create a
one-way hash of the electronic data which is to be signed. The signing algorithm then encrypts the
hash value using the private key (signature key). This encrypted hash along with other information
like the hashing algorithm is the digital signature. This digital signature is appended with the data
and sent to the verifier. The reason for encrypting the hash instead of the entire message or
document is that a hash function converts any arbitrary input into a much shorter fixed-length value.
This saves time as now instead of signing a long message a shorter hash value has to be signed and
moreover hashing is much faster than signing.
3.Signature Verification Algorithms : Verifier receives Digital Signature along with the data. It then
uses Verification algorithm to process on the digital signature and the public key (verification key)
and generates some value. It also applies the same hash function on the received data and
generates a hash value. If they both are equal, then the digital signature is valid else it is invalid.