Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 01_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 01_ocred.pdf
- Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 02_ocred.pdf
- Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 03_ocred.pdf
- Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 02_ocred_fax_ocred.pdf
- Chapter 14 - 03 - Discuss Various Hash Functions and Cryptography Tools - 03_ocred_fax_ocred.pdf
- chp 4.pdf
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Cryptography Module Flow ©...
Certified Cybersecurity Technician Exam 212-82 Cryptography Module Flow © Discuss O Discuss - Cryptographic Various W Security Cryptographic ‘ Techniques Algorithms Cryptography /‘ I Discuss Various Discuss PKI and Discuss Other Hash Functions Certificate Applications of and Cryptography Management Cryptography Tools Concepts Discuss Various Hash Functions and Cryptography Tools This section deals with various hash functions such as MD5, MD6, SHA, etc. and cryptography tools that you can use to encrypt sensitive data to protect it from unauthorized access by any party other than the person for whom it is intended. Module 14 Page 1671 Certified Cybersecurity Technician Copyright © by EC-Council EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography IMDS5 and MD6 MDS5 The MD5 algorithm takes a message of arbi as the input and then outputs a it fi int or message digest of the input MDS5 is not collision resistant; use of the the latest algorithms, such as.s and , is recommended uses a Merkle tree-like structure to allow for immense parallel computation of hashes for very long inputs. It is resistant to differential cryptanalysis attacks MDS and MD6 are deployed for digital signature applications, file integrity checking, and storing passwords MDS & SHA1 Hash Generator and Verifier Generate an3 Ganerate a0 vity ity TTe MOSSHAT CHCkuarm KN Ofof & fhe The wERGW WENOW Lgeaang Upadng £ Chooss the | Test Fie et1t Choose Chek 10 Click 10 soloct soloct aa 8o, 8o oror dra) drag and and drop drop && here{ hete max max 4GB 4GB )) Fierare lllll Test FieFibe tnt i Fie se sae oo B s DR 0T L [ S |[ T Besseesas > Crwoaum trpe Crwosum #MDS *MDS SHAL L SHA2% Fie crmchsum crmchsum [+10000 [29140011coamom 1 coamomrraceces rEatcecere 3200 ena | Receiver MDS5 Algorithm DRI Cle https/fonlinemds.com L. All Rights Reserved. Reproduction Reproduction isIs Strictly Prohibited MDS5 and MD6 MD2, MD4, MDS5, and MD6 are message digest algorithms used in digital signature applications to compress a document securely before the system signs it with a private key. The algorithms can be of variable length, but the resulting message digest always has a size of 128 bits. The structures of all three algorithms (MD2, MD4, and MDS5) appear similar, although the design of MD2 is reasonably different from that of MD4 and MD5. MD2 supports 8-bit machines, while MD4 and MDS5MD5 support 32-bit machines. The algorithm pads the message with extra bits to ensure that the number of bits is divisible by 512. The extra bits may include a 64- bit binary message. Attacks on versions of MD4 have become increasingly successful. Research has shown how an attacker launches collision attacks on the full version of MD4 within a minute on a typical PC. MDS is slightly more secure but is slower than MD4. However, both the message digest size and the padding requirements remain the same. MDS is a widely used cryptographic hash function that takes a message of arbitrary length as input and outputs a 128-bit (16-byte) fingerprint or message digest of the input. MD5 can be used in a wide variety of cryptographic applications and is useful for digital signature applications, file integrity checking, and storing passwords. However, MD5 is not collision resistant; therefore, it is better to use the latest algorithms, such as MD6, SHA-2, and SHA-3. MD6 uses a Merkle-tree-like structure to allow for large-scale parallel computation of hashes for very long inputs. It is resistant to differential cryptanalysis attacks. To calculate the effectiveness of hash functions, check the output produced when the algorithm randomizes an arbitrary input message. Module 14 Page 1672 Certified Cybersecurity Technician Copyright © by EC-Gouncil EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. g:yr:,i:;egdr :;Il::rsecurity Technician g:;:::i::f:;::rsecurity Exam 212-82 The following are examples of minimally different message digests: »= echo “There is CHF1500 in the blue bo” | md5sum e41a323bdf20eadafd3f0e4f72055d36 = echo “There is CHF1500 in the blue box” | md5sum 7a0da864a41fd0200ae0ae97afd3279d = echo “There is CHF1500 in the blue box.” | md5sum 2db1ff7a70245309e9f2165c6¢34999d Even minimally different texts produce radically different MD5 codes. MDS5 & SHA1 Hash Generator and Verifier I VDS & SHA1 Hash Generator For File Sender Gevmrate and verfy P MDYSHAL Chechaum Genmrate Chechkaum of &8 She Se without upoadng uploadng ¢ Choose S fie Test Test Fie tat Chcktoto solect Cack saloct aa filo_ o, ofor drag drag and and drop drop ## here( here( max max 4GB )) 4GB ?‘ ", TS _! ‘ Faename Test Test Fre Fée 1ttad b D? ‘ “ ' w) ‘ ‘ Fiename D ‘r‘ , - - b44 \"l | L J File sze sre SIS T L | () Lt e ettt e RT TR A e 1T L S S T T O] e e s s TT i N6 | T e s > ). Checksum type * MDS SHAY A%2% A - HHi :H P ’ Fue cecrsam Fie checksm [291400161CB489088TEID0BOEF [91300161CBAS00BTEI0BOEF IZEE 2EEBABA ] Receiver |Fesessassrsanee P—— PRLTTETETRTPRPRORY, R = e Q ¥ SSR si o.. v | MDS5 Algorithm Corpare Compare Pase stop siop Figure 14.12: Verifying MD5 Hash Note: Message digests are also called as one-way hash functions because they cannot be reversed. :..'............'..'>fi :...............".')fi Document Message Digest Function Hash Value Figure 14.13: Working of Message Digests Module 14 Page 1673 Certified Cybersecurity Technician Copyright © by EG-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Secure Hashing Algorithm (SHA) O This algorithm generates a cryptographically secure one-way hash; it was published by the National QO Institute of Standards and Technology as a US Federal Information Processing Standard SHA-1 e 9 e ST, © » 1t produces a 160-bit digest from a message with a maximum length of (2% - 1) bits, and it resembles the MD5 MDS5 algorithm H @ SHE.2 SHA-2. [+ ‘e = ° »5 It is a family of two similar hash functions with different block sizes, namely, Itis = SHA-256, which uses 32-bit words, and SHA-512, which uses 64-bit words. SHA-3 e °» » SHA-3 uses the sponge construction, in which message blocks are XORed into the initial bits of the state, which is then invertibly permuted Secure Hashing Algorithm (SHA) The NIST has developed the Secure Hash Algorithm (SHA), specified in the Secure Hash Standard (SHS) and published as a federal information-processing standard (FIPS PUB 180). It generates a cryptographically secure one-way hash. Rivest developed the SHA, which is similar to the message digest algorithm family of hash functions. It is slightly slower than MD5, but its larger message digest makes it more secure against brute-force collision and inversion attacks. SHA encryption is a series of five different cryptographic functions, and it currently has three generations: SHA-1, SHA-2, and SHA-3. = SHA-0: A retronym applied to the original version of the 160-bit hash function published in 1993 under the name SHA, which was withdrawn from trade due to an undisclosed “significant flaw” in it. It was replaced with a slightly revised version, namely SHA-1. = SHA-1: It is a 160-bit hash function that resembles the former MD5 MDS5 algorithm developed by Ron Rivest. It produces a 160-bit digest from a message with a maximum length of (254 - 1) bits. It was designed by the National Security Agency (NSA) to be part of the Digital Signature Algorithm (DSA). It is most commonly used in security protocols such as PGP, TLS, SSH, and SSL. As of 2010, SHA-1 is no longer approved for cryptographic use because of its cryptographic weaknesses. = SHA-2: SHA2 is a family of two similar hash functions with different block sizes, namely SHA-256, which uses 32-bit words, and SHA-512, which uses 64-bit words. The truncated versions of each standard are SHA-224 and SHA-384. = SHA-3: SHA-3 uses sponge construction in which message blocks are XORed into the initial bits of the state, which the algorithm then invertibly permutes. It supports the same hash lengths as SHA-2 but differs in its internal structure considerably from the rest of the SHA family. Module 14 Page 1674 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Cryptography Comparison of SHA functions (SHA-0, SHA-1, SHA-2, and SHA-3). Oiitout ile In:::;:al Block | Maximum Output size ' state ' Algorithm and variant m(:lts) size Size | message | Rounds Operations Operations Security (bits) (bits) size (bits) (bits) || size (bits) size (bits) (bits) (bits) 32 128 128 64 Addmod Addmod 2", 2°, |._qg
