HASH FUNCTION

HASH FUNCTION
• A hash function H accepts a variable-length block of data M as
input and produces a fixed-size hash value h = H(M).

• A “good” hash function has the property that the results of

applying the function to a large set of inputs will produce
outputs that are evenly distributed and apparently random.

• The principal object of a hash function is data integrity.

• A change to any bit or bits in M results, with high probability,

in a change to the hash value.
REQUIREMENTS AND SECURITY
Application of cryptographic hash function
1.Message Authentication
2.digital signatures
3.other applications
• Message authentication is a mechanism or service used to verify the
integrity of a message.
• Message authentication assures that data received are exactly as sent
with no modification, insertion, deletion, or replay.
•When a hash function is used to provide message authentication, the
hash function value is often referred to as a message digest.
a) The message plus concatenated hash code is encrypted using symmetric encryption. The hash code

provides the structure or redundancy required to achieve authentication. Encryption is applied to the

entire message plus hash code, confidentiality is also provided.

b) Only the hash code is encrypted, using symmetric encryption. This reduces the processing burden for

those applications that do not require confidentiality.

c) It is possible to use a hash function but no encryption for message authentication. The technique

assumes that the two communicating parties share a common secret value S. A computes the hash

value over the concatenation of M and S and appends the resulting hash value to M.

Because B possesses S, it can recomputed the hash value to verify. Because the secret value itself is not

sent, an opponent cannot modify an intercepted message and cannot generate a false message.

d) Confidentiality can be added to the approach of method (c) by encrypting the entire message plus the

hash code.
Reasons for not interest to encryption of message
a)Encryption software is relatively slow.
b)Encryption hardware costs are not negligible.
c)Encryption hardware is optimized toward large data sizes.
d)Encryption algorithms may be covered by patents, and there is a cost
associated with licensing their use.
MESSAGE AUTHENTICATION:
The message authentication is achieved using a message authentication code (MAC), also
known as a keyed hash function.
• Typically, MACs are used between two parties that share a secret key to authenticate
information exchanged between those parties.
• A MAC function takes as input a secret key and a data block and produces a hash value,
referred to as the MAC, which is associated with the protected message.
• If the integrity of the message needs to be checked, the MAC function can be applied to
the message and the result compared with the associated MAC value.
• An attacker who alters the message will be unable to alter the associated MAC value
without knowledge of the secret key.
• Note that the verifying party also knows who the sending party is because no one else
knows the secret key.
• In practice, specific MAC algorithms are designed that are generally more efficient than an
encryption algorithm.
Digital Signatures :

Another important application, which is similar to the message authentication application,

is the digital signature.

• The operation of the digital signature is similar to that of the MAC.

• In the case of the digital signature, the hash value of a message is encrypted with a
user’s private key.

• Anyone who knows the user’s public key can verify the integrity of the message that is
associated with the digital signature.

• In this case, an attacker who wishes to alter the message would need to know the user’s
private key.
1. The hash code is encrypted, using public-key encryption with the
sender’s private key. It also provides a digital signature, because only
the sender could have produced the encrypted hash code. In fact, this is
the essence of the digital signature technique.

2. If confidentiality as well as a digital signature is desired, then the

message plus the private-key encrypted hash code can be encrypted
using a symmetric secret key.
Other Applications:

Hash functions are commonly used to create a one-way password file.

• The actual password is not retrievable by a hacker who gains access to the
password file.

• In simple terms, when a user enters a password, the hash of that password
is compared to the stored hash value for verification.

• This approach to password protection is used by most operating systems.

• Hash functions can be used for intrusion detection and virus detection.
 TWO SIMPLE HASH FUNCTIONS

1) bit-by-bit exclusive-OR (XOR)

2) one-bit circular shift
• All hash functions operate using the following general principles.
• The input message is viewed as a sequence of n -bit blocks.
• The input is processed one block at a time in an iterative fashion to produce an n-bit
hash function.
• One of the simplest hash functions is the bit-by-bit exclusive-OR (XOR) of every block.
This can be expressed as
Ci=bi1⊕bi2⊕g⊕bim
where
Ci=I th bit of the hash code, 1…i…n
m=number of n-bit blocks in the input
bij =ith bit in jth block
⊕=XOR operation
• This operation produces a simple parity bit for each bit position and is
known as a longitudinal redundancy check.
• It is reasonably effective for random data as a data integrity check.
• Each n-bit hash value is equally likely.
• Thus, the probability that a data error will result in an unchanged hash value
is 2-n.
• With more predictably formatted data, the function is less effective.
• For example, in most normal text files, the high-order bit of each octet is
always zero.
• if a 128-bit hash value is used, instead of an effectiveness of 2-128, the hash
function on this type of data has an effectiveness of 2-112.
one-bit circular shift hash function:
• A simple way to improve matters is to perform a one-bit circular shift, or
rotation, on the hash value after each block is processed.
• The procedure can be summarized as follows.
1)Initially set the n-bit hash value to zero.
2)Process each successive n-bit block of data as follows:
a)Rotate the current hash value to the left by one bit.
b)XOR the block into the hash value.
• Although the second procedure provides a good measure of data integrity, it is
virtually useless for data security when an encrypted hash code is used with a plain-
text message.

• It Simply prepare the desired alternate message and then append an n-bit block
that forces the new message plus block to yield the desired hash code.

• Although a simple XOR or rotated XOR (RXOR) is insufficient if only the hash code is
encrypted, you may still feel that such a simple function could be useful when the
message together with the hash code is encrypted .
Attacks
1) Brute-force attacks
2) Cryptanalysis.
3) Collision resistant attacks
4) Pre image and second preimage attacks
5) Collision resistant attacks
SECURE HASH ALGORITHM(SHA)
• The SHA-1 is a cryptographic computer security algorithm.
• It was created by the US National Security Agency in 1995,
• Some of the protocols that use SHA-1 include:
• Transport Layer Security (TLS)
• Secure Sockets Layer (SSL)
• Pretty Good Privacy (PGP)
• Secure Shell (SSH)
• Secure/Multipurpose Internet Mail Extensions (S/MIME)
• Internet Protocol Security (IPSec)
DESIGN LOGIC SHA512
• The plain text block size=1024 bits
• No of rounds or steps=80
• In each round it generates QWORD from plain text =64bits
• The input is processed in 1024-bit blocks.
• The algorithm takes as input a message with a maximum length of less than 2128 bits
• It produces as output a 512-bit message digest.
• Each round it uses constant =k
• It uses 8 (i.e. 512/64) buffers to store intermediate results and to store hash code h
• Each buffer size= 64 bits
• Applied procedures like out put of Block1->block2->.........block8->hash_code
• Spet1: Append padding bits means pad the bits 100.. So that length of plain
text is 128 less than multiple and 1024 bits

• Step 2: Append length means 128 bits representation of original plain text
such that length=multiples of1024 bits

• Step3: Initialize hash buffers (a,b,c,d,e,f,g,h) 64 bits in hexadecimal form

• Step 4: process each block and plain text in 80 rounds or steps

• Step 5: output in buffers is hash code(512)

Step 1 :Append padding bits. The message is padded so that its length is
congruent to 896 modulo 1024 .
• Padding is always added, even if the message is already of the desired length.
• Thus, the number of padding bits is in the range of 1 to 1024.
• The padding consists of a single 1 bit followed by the necessary number of 0
bits.
Step 2: Append length.
• A block of 128 bits is appended to the message.
• This block is treated as an unsigned 128-bit integer and contains the length of
the original message in bits before the padding .
• The outcome of the first two steps yields a message that is an integer multiple
of 1024 bits in length.
• The expanded message is rep-resented as the sequence of 1024-bit blocks M1,
M2,.., MN, so that the total length of the expanded message is N * 1024 bits.
Step 3 Initialize hash buffer.
• A 512-bit buffer is used to hold intermediate and final results of the
hash function.
• The buffer can be represented as eight 64-bit registers (a, b, c, d, e, f,
g, h).
• These registers are initialized to the following 64-bit integers
(hexadecimal values):

These values are stored in big-endian format.

These words were obtained by taking the first sixty-four bits of the
fractional parts of the square roots of the first eight prime numbers.
Step 4: Process message in 1024-bit (128-byte) blocks.
• The heart of the algorithm is a module that consists of 80 rounds;
• Each round takes as input the 512-bit buffer value, abcdefgh, and updates
the contents of the buffer.
• At input to the first round, the buffer has the value of the intermediate
hash value, Hi - 1.
• Each round it makes use of a 64-bit value Wt, derived from the current
1024-bit block being processed (Mi).
• These values are derived using a message schedule described
subsequently.
• Each round also makes use of an additive constant Kt, where 0 … t … 79
indicates one of the 80 rounds.
• These words represent the first 64 bits of the fractional parts of the cube
roots of the first 80 prime numbers.
• The constants provide a “randomized” set of 64-bit patterns, which should
eliminate any regularities in the input data.
• The output of the eightieth round is added to the input to the first
round (Hi - 1) to produce Hi.
The addition is done independently for each of the eight words in the
buffer with each of the corresponding words in Hi - 1, using addition
modulo 264.