Internet Security Hashing Algorithms Lecture Notes PDF

Summary

This document provides lecture notes on internet security, focusing on hashing algorithms, such as MD5 and SHA-1. It covers the use of these algorithms for data integrity, and methods to compromise hashed passwords. The notes also explain collision resistance and discuss applications in digital signatures.

Full Transcript

Internet Security
Hashing Algorithms

Nu r t u r ing Cu r io u s M ind s ,P r o d u c ing P as s io nat e
Engineer s
 Internet Security

Describe and apply hashing algorithms
MD5.
Describe and apply hashing algorithms
SHA1.
Compare and Contrast hashing algorithms.
Analysis of hashing applications.

2
 Hash

Used for data integrity assurance
Data of Arbitrary Length

Based on one-way mathematical
function
Input data produce a fixed-length
digest (fingerprint) of output data

Hash
Digest is cryptographically strong,
Function
impossible to recover input data from
its digest
e888r4555tggieqd

Fixed Length Hash
Well-known hash functions are
Message Digest 5 (MD5) – 128 bits digest
Secure Hash Algorithm 1 (SHA-1) – 160
bits digest
3
 Hashing

Hash Value
md5 "Hello World" b10a8db164e0754105b7a99be72e3fe5
md5 "Hello" 8b1a9953c4611296a827abf8c47804d7
md5 "Hard Cheese" 3591c82675e50481e3b427c353666ab6

Sha1 "Hello World" 0a4d55a8d778e5022fab701977c5d840bbc486d0
Sha256 "Hello World" a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32
b57b277d9ad9f146e

4
 Message Digest 5 (MD5)

One way function
Easy to compute the hash from the given
data, but unfeasible to compute input
data given only a hash
Collision resistant, i.e. two messages with
the same hash are very unlikely to occur
Popular for Internet application
 SHA-1

Secure Hash Algorithm
Published in 1994
Produce a 160-bit message digest
The algorithm is slightly slower than MD5
 Password Hashing

Account creation and password hashing
The user creates an account.
Password is hashed and stored in the database.
(cleartext password is never stored anywhere)
User attempts to login
Attempted password is hashed.
Hash is checked against hash of original password in password file.
User gains access when hash matches

Never tell the user if it was the username or password they
got wrong. Always display a generic message like "Invalid
username or password." This prevents attackers from
enumerating valid usernames without knowing their
passwords.

7
 How to crack Hashed passwords

Dictionary attacks
Uses a file containing words, phrases, common
passwords, and other strings that are likely to
be used as a password.
Each word in the file is hashed, and its hash is
compared to the password hash
Brute force attack
Tries every possible combination of characters
up to a given length

8
 How to crack Hashed passwords

Hash table lookup
Pre-compute the hashes of the passwords in
a password dictionary and store them with
their corresponding password.
Requires more storage but fast compared to
rainbow table.
Reverse-lookup table
Obtain a user's password and hash, determine
algorithm and apply lookup to all other accounts
Rainbow table
Pre-computed table for reversing cryptographic
hash functions, usually for cracking password
hashes.
Efficient way to store pre-compute hashes but is
slower than hash table lookup.
9
 Adding Salt…

Lookup tables and rainbow tables only
work because each password is hashed
the exact same way.
Randomize the hashes by appending or
prepending a random string, called a salt,
to the password before hashing
E.g. md5sum – "Hello there"+"01234567890"
http://crackstation.net/hashing-security.htm
 Hash Collision

Hash functions map arbitrary amounts of
data to fixed-length strings, there must be
some inputs that hash into the same string.
Cryptographic hash functions are
designed to make these collisions
incredibly difficult to find.
MD5 Collision
https://www.mscs.dal.ca/~selinger/md5collision/

11
Encryption Versus Hashing
Encryption Hashing

Key is usually added
Uses a key as an
to text; the two are
Use of Key input to an
combined, and the
encryption method
combination is hashed

Output is of a
Length of Output is similar in
fixed short length,
Result length to input
regardless of input

Reversible; One-way function; hash
Reversibility ciphertext can be cannot be “de-hashed”
decrypted back to back to the original string
plaintext
 Purpose of Hashing

Non-repudiation
Cannot deny what has been sent.
Detect doctored message
Create a “digest” on the original message
using hash function(s)
Message and “digest” are sent together to
recipient for verification.
Add salt to hash to decrease risk of hash
collision
 Terminology
Message encryption
Ciphertext of entire message serves as
authenticator
Message authentication code (MAC)
A Public function of message and secret key that
produces a fixed length value that serves as
authenticator.
Hash function
A public function that maps a message of any
length into fixed length hash value that serves as
authenticator
 Terminology
Hash-based Message Authentication Code
(HMAC)
Combination of Hash function and MAC using
shared secret

Hashing Algorithms and Security – Computerphile
Video: https://www.youtube.com/watch?v=b4b8ktEV4Bg
 Message Integrity

Allows communicating parties to verify that
received messages are authentic.
Content of message has not been altered
Source of message is who/what you think it is
Message has not been artificially delayed
(playback attack)
Sequence of messages is maintained
Formal Requirements of Hash function
H() can be applied to any block of data of any size
H() produces a fixed length output
H(x) is relatively easy to compute for any given x.
One way property
Weak collision resistance
Given an input X and a hashing function H(), it is very difficult to find another
input X’ on which H(X) = H(X’).

Strong collision resistance
Given a hashing function H() and two arbitrary inputs X and Y, there exists an absolute
minimum chance of H(X) being equal to H(Y).
 Hashing Algorithms

MD5 (Message Digest 5)
Computes 128-bit hash value
Widely used for file integrity checking
MD-5 is based on MD-4 and was created to address
vulnerabilities found in MD-4.
D5 generates 128-bit hash values over 512-bit blocks
in 4 rounds of 16 steps each.
SHA-1 (Secure Hash Algorithm -1)
Computes 160-bit hash value
NIST approved message digest algorithm
SHA-1 also operates on 512-bit blocks, but produces a
160-bit hash value in 4 rounds of 20 steps each.
Other implementations of SHA-256, SHA-384, SHA-512
 Popular Hashing Implementations

MD5
Designed by Ron Rivest in 1991
128 bits output (too short for current use)
developed in 2005
Can be broken on a single notebook within minutes
SHA
Can be broken on a single notebook within minutes
Designed by the NSA, published in 1993
Family of functions: SHA-1, SHA-224,-256,-384,-512
Current recommendation: use SHA-256 (newer)
 optional
Birthday Attack

Collisions
Two messages with the same hash value
Based on the “birthday paradox”
http://en.wikipedia.org/wiki/Birthday_problem
Suppose N people in a room and randomly
choosen, the probability of 2 people having the
same birthday.
Hash algorithms should be resistant to this
attack
Unique digest for each input.
 Message Authentication Code
(MAC)
s = shared secret key

message s
Internet H( )

message s
H( ) compare

message

Authenticates sender with shared secret key
Verifies message integrity
No encryption to the message!
Also called “keyed hash”
Notation: h = H(s||m) ; send m||h
 HMAC

Popular MAC standard
Addresses some subtle security flaws

1. Concatenates secret to front of message.
2. Hashes concatenated message
3. Concatenates the secret to front of digest
4. Hashes the combination again.

Securing Stream Ciphers (HMAC) - Computerphile
Video: https://youtu.be/wlSG3pEiQdc
 End-point authentication

Want to be sure of the originator of the
message – end-point authentication.
Assuming Alice and Bob have a shared
secret, will MAC provide message
authentication.
We do know that Alice created the message.
But did she send it?

29
 Application of Hash in Digital Signatures
Cryptographic technique analogous to hand-
written signatures.
sender (Bob) digitally signs document, establishing
he is document owner/creator.
Goal is similar to that of a MAC, except now use public-
key cryptography
verifiable, nonforgeable: recipient (Alice) can prove to
someone that Bob, and no one else (including Alice), must have
signed document
 Official (Open)

Questions?

HASHING
ALGORITHMS

v2.0/2012 31