Cryptography and Hash Functions Quiz

Questions and Answers

What is the main purpose of using a fingerprint on a document?

To preserve the integrity of the document (correct)

To enhance the aesthetic appearance of the document

To ensure the document is confidential

To increase the document's size

Which characteristic does NOT describe an ideal cryptographic hash function?

Second preimage resistance

Preimage resistance

Ease of reversibility (correct)

Collision resistance

Why can a checksum function not serve as a cryptographic hash function?

It does not create a message digest

It is reversible in nature

It is not preimage resistant (correct)

It is not collision resistant

What connects a document and its fingerprint as compared to a message and its digest?

They are physically linked together

In the context of hashing, what does collision resistance refer to?

The ability to prevent two different inputs from producing the same hash value

Which of the following is a key aspect of the Random Oracle Model?

It provides an ideal mathematical model for hash functions

What happens when a message is provided to an oracle that finds a matching digest in its table?

The corresponding digest is returned for the message

What is the primary need for message integrity in cryptography?

To prevent unauthorized alterations to the message

What is the required number of tests for an adversary to launch a collision attack on a 64-bit hash function?

$2^{32}$

How long would it take Eve to launch an attack on a 64-bit hash function if she can perform $2^{20}$ tests per second?

Nearly 1 hour

What is the digest size of the MD5 hash function?

128 bits

How many tests does an adversary theoretically need to perform for a SHA-1 collision attack?

$2^{80}$

What is the purpose of a modification detection code (MDC)?

To provide message integrity

What does a message authentication code (MAC) provide that a message digest does not?

Sender authentication

How many tests are needed to find a collision in a SHA-512 hash function?

$2^{256}$

What limitation is recognized regarding the security of MD5 hash functions?

They can be attacked in fewer tests than believed.

What is a Message Authentication Code (MAC) primarily used for?

Verifying the integrity and authenticity of a message

Which function represents the generation of a MAC?

MAC = C(K, M)

What is a key property of a MAC regarding message collisions?

It must be infeasible to find another message with the same MAC.

How does a MAC differ from a digital signature?

A MAC does not provide non-repudiation, while a digital signature does.

What should the distribution of MACs be like according to requirements?

Uniformly distributed to prevent patterns in output.

When is it particularly important to use a MAC?

When message integrity is needed for archival use.

Which of the following best describes the function type of a MAC?

It is a many-to-one function.

What type of attacks must be considered in the security of MACs?

Brute-force and collision resistance attacks must be considered.

What is the maximum message length that SHA-512 can accept?

2^128 bits

What must be added if the original message length is a multiple of 1024 bits?

A length field

In producing W60 for SHA-512, what is its relationship to previous words?

It is made from four previously-created words

How many padding bits are added if the original message is 2590 bits?

353 padding bits

How many pages would a message of 2^128 bits occupy if one page accommodates approximately 2048 bits?

Approximately 2^110 pages

What is the minimum padding length required for a message length of 896 bits?

0 bits

What is the relationship between the message digest size in SHA-512 and the original message size?

Message digest is fixed at 512 bits regardless of the original size

What is the maximum number of padding bits allowed when padding a message?

1023 bits

What is the calculated length of the original message in bits?

897 bits

Which hash function is considered insecure due to similar vulnerabilities as MD5?

SHA-1

What is the primary purpose of the NIST SHA-3 competition announced in 2007?

To replace SHA-2 with SHA-3

Which of the following is NOT one of the requirements for SHA-3?

Support only 256-bit hash values

In which year did Keccak win the SHA-3 competition?

2012

What happens as the first step in the SHA-1 hashing process?

Pad the message so its length is 448 mod 512

Which compression function is made from scratch?

Message Digest (MD)

Which scheme utilizes a symmetric-key block cipher as a compression function?

Whirlpool

What is the primary purpose of a Message Digest Code (MDC)?

To ensure the message has not changed during transmission

Which of the following is NOT a requirement for message security?

Public accessibility

How does symmetric message encryption provide authentication?

Both sender and receiver are privy to the key used

What is a drawback of using public-key encryption for authentication?

It requires two public-key uses on a message

What key aspect does a Message Authentication Code (MAC) provide?

Validation of the message originator's identity

Which function can help identify altered messages?

Message digest creation

What is a common security concern when using public-key encryption?

Increased message size upon encryption

Which aspect is crucial for a hash algorithm to ensure the security of a MAC?

It must be secure from vulnerabilities and risks

Study Notes

Cryptography and Network Security - Week 9-11

• Message Integrity: Cryptography systems often provide secrecy but not integrity. Integrity is crucial in situations where secrecy isn't required, ensuring the data hasn't been tampered with.

• Document and Fingerprint: A practical analogy for preserving document integrity is using a fingerprint. Alice, for example, can add her fingerprint to a document as a way to verify that the content hasn't changed.

• Message and Message Digest: In computing, the electronic equivalent of a fingerprint and document pair is the message and its digest. A hash function maps the message to the digest, also called the "fingerprint."

• Difference between Document/Fingerprint and Message/Digest: Documents and fingerprints are physically linked. Messages and digests can be unlinked, crucial for integrity checks. The digest itself must be protected from change for accurate verification.

• Checking Integrity: Integrity checking involves two steps: a hash function processes the message, producing a digest; this current digest is compared with a previous/stored digest. If they match, the integrity is verified. If the digests differ, there is an indication that the message has been altered.

• Cryptographic Hash Function Criteria: Preimage resistance, second preimage resistance, and collision resistance are essential requirements for a cryptographically secure hash function.

• Preimage Attack: Given a hash value, a preimage attack attempts to find the original message that produced this hash.

• Second Preimage Attack: Given a message and its hash, a second preimage attack aims to find another message that hashes to the same value.

• Collision Attack: This attack attempts to find two different messages that produce the same hash value.

• Random Oracle Model: An ideal mathematical model of a hash function, introduced in 1993 by Bellare and Rogaway, is the Random Oracle Model. This is an idealized model which assumes that the hash function behaves randomly.

• Message Authentication Code (MAC): A MAC is a modification detection code, a cryptographic hash function that authenticates the sender of a message. Unlike a message digest, a MAC requires a shared secret key.

• Modification Detection Code (MDC): An MDC, while useful for detecting changes, does not authenticate the sender of a message.

• Nested MAC: A nested MAC involves applying a hash function twice with a different secret key for each iteration (or applying the MAC function iteratively).

• Symmetric Message Encryption: Symmetric encryption can provide authentication in addition to confidentiality. The receiver knows only the sender and receiver have the key if used correctly.

• Public-Key Message Encryption: Public-key encryption does not necessarily confirm the sender's identity. Signing with a private key and encrypting with a public key adds both authentication and confidentiality.

• Message Authentication Code (MAC) Properties: A MAC is a cryptographic checksum; it condenses a variable-length message into a smaller, fixed-size value using a secret key, and it's a many-to-one function. Finding two matching messages with the same MAC should be computationally infeasible.

• HMAC (Hash-based Message Authentication Code): A widely used MAC based on hash functions, making it often more efficient & adaptable than other approaches.

• Hash Function Requirements: A hash function should be efficient, use variable input sizes, produce fixed-length outputs, resist preimage and second-preimage attacks, and be resistant to collision attacks.

• Birthday Attacks: These attacks exploit the mathematical property of hash functions to find collisions faster, thus reducing their security level if the hash sizes are too small.

• Hash Function Cryptanalysis: Analysis techniques used find weaknesses in a hash function which allow attacks to exploit them faster than brute force.

• Block Ciphers as Hash Functions: Block ciphers can be used to create hash functions, but the resulting hash values are often too small and susceptible to various attacks.

• Secure Hash Algorithm (SHA): A family of cryptographic hash functions designed by NIST and NSA, widely considered secure. Included in the family are SHA-1, SHA-2 (256, 384, 512), and SHA-3 (Keccak).

• SHA-3 Requirements: These include the requirements and features/characteristics of SHA-3 (Keccak).

• Padding and Length Field in SHA-512: Padding and length fields are necessary to prepare a message of variable length for processing ensuring that the length of the message is correctly interpreted and processed.

• Whirlpool Hash Function: A keyed hash function designed in the similar structure/style of other well-known methods like MD4.

• Whirlpool Cipher: A cipher that uses a 512-bit block size.

• Decryption & Verification: A digital signature scheme allows for straightforward verification of the message's integrity and authentication. Methods to overcome weaknesses in this verification process exist.

• Attack Types: Key-Only Attacks, Known-Message Attacks, Chosen-Message Attacks are the three basic categories of an attack aimed at breaking the security of digital schemes.

• Forgery Types: Existential forging, selective forging, and total breaks are types of attacks that target creating a valid signature without having access to the private key of the signer.

• Digital Signature Schemes: This include RSA, ElGamal, Schnorr, DSS, and ECDSA.

• RSA Digital Signature Scheme: General idea behind the RSA digital signature scheme, covering signing and verification, and key generation.

-ElGamal Digital Signature Scheme: General idea behind the ElGamal digital signature scheme, covering key generation, signing, and verification steps.

• Schnorr Digital Signature Scheme: General idea behind the Schnorr digital signature scheme, covering key generation, signing, and verification steps, along with explanations of the required steps.

• Digital Signature Standard (DSS): A standard algorithm for digital signatures, covering key generation and signing/verification.

• ECDSA: A digital signature algorithm based on elliptic curve cryptography, providing key generation, signing and verification.

• Variations: The methods of time-stamping signatures in order to prevent re-use of a signature & blind signatures.

• Entity Authentication: This involves proving the identity of a party or process, whereas message authentication validates the integrity of a message only.

• Verification Categories: Categories for methods in identifying or verifying the authenticity of the sender or entity, such as something known (e.g. a password), something possessed (e.g. an ATM card), and something inherent (e.g. a fingerprint).

• Passwords: Fixed and one-time passwords are traditional methods for entity authentication, relying on something the claimant knows.

• Challenge-Response: Provides authentication using a secret known to the claiming party, without the secret needing to be transmitted.

• Counter with Cipher Block Chaining-Message Authentication Code (CCM): A standard message authentication code (MAC) algorithm.

• Galois/Counter Mode (GCM): A parallelizable message authentication mode, also specified as an internet standard.

• Authenticated Encryption: Methods to protect both confidentiality and authenticity of communications/messages during transmissions. These methods often combine encryption with MAC values.

• Hash Functions: Methods of compressing arbitrary messages to a fixed-size value & its uses (eg. Message Integrity Check, Message Authentication Code, Digital Signatures, Password Verification...).

• Hash function Cryptanalysis Techniques: Various techniques used to find vulnerabilities or weaknesses within a hash function; aimed at finding ways to break security faster than by exhaustive search/brute-force.

• MD5, MD4: Older hash functions that are no longer considered adequately secure. They were common at one point but have since been superseded by more secure methods.

• Security of MACS: A survey of the attacks relevant to breaking various types of MAC algorithms.

• General Characteristics of Hash Functions: A summary of various hash functions (MD5, MD4, SHA-1, SHA-3, SHA-2).

Description

Test your knowledge on cryptographic principles, focusing on hash functions, fingerprints, and message integrity. This quiz covers key concepts such as collision resistance, hash function characteristics, and the Random Oracle Model.