Applied Cryptography Lecture 8

Questions and Answers

Which property ensures that two different messages do not produce the same hash value?

• Hash sensitivity
• Collision resistance (correct)
• Second-preimage resistance
• Preimage resistance

What is one of the common applications of hash functions?

• Encryption of data
• Compression algorithms
• Symmetric key generation
• Digital signatures (correct)

What is the output length of the MD5 hash function?

• 512 bits
• 128 bits (correct)
• 160 bits
• 256 bits

Which of the following hash functions was specifically designed for increased security provided by AES?

SHA-256 (A)

What characteristic of a hash function refers to its sensitivity to input changes?

Hash sensitivity (C)

Which of the following hash functions was designed by Ron Rivest and produces a 128-bit hash?

MD4 (B)

Which hash function family is the US federal standard specified by NIST?

SHA Family (A)

What is the main purpose of using hash functions for password hashing?

To create a secure representation of passwords (B)

What is the primary problem the Diffie–Hellman key exchange aims to solve?

Key distribution problem (D)

What mathematical problem does the security of the Diffie-Hellman key exchange rely on?

Discrete logarithm problem (B)

What is the primary function of hash functions in a Windows machine?

To store passwords as hashes instead of texts. (D)

Which of the following describes the domain parameters in the Diffie–Hellman key exchange?

Public parameters p and α (B)

In the context of the Diffie–Hellman key exchange, what do Alice and Bob derive together?

Common session key (A)

What distinguishes the NTLM Hash from the LM Hash?

NTLM Hash is based on RC4, while LM Hash is based on DES. (A)

What should the private keys a and b be generated from in the Diffie-Hellman key exchange?

A true random generator (C)

Which attack allows an attacker to authenticate without possessing the plaintext password?

Pass the Hash Attack (A)

What is the purpose of salting in hash functions?

To add randomness to passwords, preventing cracking. (A)

When Alice and Bob use the key kAB, which symmetric algorithms could employ this key for secure communication?

AES and 3DES (B)

What is the primary function of a hash function in cryptography?

Compressing or computing a digest of a message (C)

Which technique is used to enhance the security of a weak key?

Key Stretching (D)

Which of the following best describes a message digest?

A unique representation or fingerprint of a message (D)

What does the Birthday Attack exploit in hash functions?

The collision of different messages yielding identical hash outputs. (B)

Which layer of security can help prevent Pass the Hash attacks?

Establishing least privilege access. (A)

Which of the following techniques can help protect against the reuse of passwords?

Nonce usage (B)

Flashcards

Diffie-Hellman Key Exchange (DHKE)

A method for two parties to securely agree on a secret key over an insecure channel.

Discrete Logarithm Problem (DLP)

A mathematical problem that forms the basis for the security of DHKE.

Public parameters (p, α)

Public values used in the DHKE setup.

Private key (a, b)

Secret values used by each party to compute their public key.

Public key (A, B)

Derived from the respective private keys.

Session key (kAB)

Shared secret key derived and used for communication.

Hash Function

A function that compresses a message into a fixed-size digest.

Message Digest

The fixed-size output from a hash function.

Hashing Attacks

Techniques used by attackers to exploit vulnerabilities in hash functions, aiming to compromise system security.

Pass the Hash Attack

A technique where attackers steal and use the stored hash values to authenticate without needing the original password.

Birthday Attack

An attack that exploits the possibility of different messages resulting in the same hash digest, leading to collisions.

Key Stretching

A method to enhance the security of weaker keys by increasing the time and effort needed to crack them.

Salting

Adding random data to passwords before hashing to increase security and make brute-force attacks more challenging.

HMAC (Hash-based Message Authentication Code)

A cryptographic authentication technique that uses a hash function and a shared secret key to verify message integrity and authenticity.

Kerberos

A network authentication protocol that uses AES encryption for tickets to securely verify user identities.

What makes a hash function secure?

A secure hash function should be preimage resistant, second-preimage resistant, and collision resistant. This ensures that finding different inputs with the same hash is computationally infeasible.

Preimage Resistance

It should be computationally infeasible to find an input that produces a given hash value.

Second-Preimage Resistance

It should be computationally infeasible to find a different input that produces the same hash value as a given input.

Collision Resistance

It should be computationally infeasible to find two different inputs that produce the same hash value.

MD Family

A family of cryptographic hash functions designed by Ron Rivest. Includes MD2, MD4, and MD5.

SHA Family

A family of cryptographic hash functions designed by NIST. Includes SHA-0, SHA-1, SHA-256, SHA-384, and SHA-512.

Study Notes

Applied Cryptography - Lecture #8

• Public key cryptography is a type of cryptography that uses two keys: a public key and a private key.
• Symmetric ciphers use the same key for encryption and decryption.
• Asymmetric ciphers use different keys for encryption and decryption.
• Diffie-Hellman key exchange (DHKE) is a method for securely exchanging cryptographic keys over an insecure channel.
• DHKE is based on the discrete logarithm problem (DLP).
• Exponentiation in the group Zp, where p is a prime number, is a one-way function.
• Exponentiation is commutative.
• The joint secret key is calculated using a generator (α) raised to the power of the private key.
• The public parameters (p and α) are needed for key exchange.
• The Diffie-Hellman key exchange protocol consists of a setup protocol and a main protocol.
• The setup protocol involves choosing a large prime (p) and an integer (α) between 2 and p-2. These values are then published.
• For key exchange, Alice and Bob choose their private keys, compute their respective public keys, and then derive a shared secret key.
• Alice and Bob compute the same session key.
• The session key (KAB) is used to establish a secure communication.
• A hash function compresses or computes a digest of a message, creating a short, fixed-length bitstring.
• The message digest is unique to the message.
• Hash functions are used in many parts of cryptography and there are different types with differing security properties.
• Uses of hash functions include message authentication, integrity checks, digital signatures, timestamping, and password hashing.
• Practical hash functions have output lengths between 128 and 512 bits.
• Hashing functions should be sensitive to all input bits.
• Properties of hash functions include preimage resistance, second preimage resistance, collision resistance.
• MD, SHA families are examples of cryptographic hash functions.
• MD2, MD4 and MD5 have 128 bit output. SHA-1 has 160 bit, SHA-2(224, 256, 384, 512) have different sizes.

Hashing Attacks

• Pass the Hash: Attackers authenticate to a remote server using the hash instead of the password.
• Birthday Attack: Attackers find two different messages with the same hash digest.
• Preventing Pass the Hash includes using trusted operating systems, multifactor authentication, patching workstations, and using least privilege.

Increasing Hash Security

• Key Stretching: A technique to increase the time needed to crack a key.
• WiFi Protected Access (WPA), WPA2, and other algorithms use this method and employ random values (nonces) to prevent password reuse.
• Salting: Adding random data to a hash to resist password cracking techniques.

Exercise

• Find the shared secret key given parameters p, α, a, and b. p = 17, α = 3, a=7, b = 4

Description

Explore the intricacies of public key cryptography and the Diffie-Hellman key exchange in this quiz. Learn about the differences between symmetric and asymmetric ciphers and how secure key exchange works over insecure channels. Test your understanding of key concepts such as the discrete logarithm problem and exponentiation in cryptography.