Data Protection and Security

   

I

Secret Key Cryptography

   

I.II

Hash Functions

    
   
 

Applications of Hash Functions

Having an incredibly wide range of applications, hash functions are the real working horse of cryptography. We introduce the most important applications here:

  1. Integrity check of a file (or a whole file system): If you compute the hash of a file and store the hash in a secure place so that it cannot be modified, then nobody will be able to modify the file itself without being detected because it is computationally infeasible to find another file having the same hash value.

  2. Protection of stored passwords: It is a general practice to store in the users’ password file (e.g. the file /etc/passwd in UNIX systems) the hashes of passwords rather than passwords themselves. In order to verify a password, the server computes the hash of the entered password and see whether it is as same as the one stored. By this way, if users have chosen passwords carefully (why is this necessary?), then an attacker capturing the password file cannot obtain the passwords.

  3. Signing long messages: The signature algorithms we will see in the next chapter cannot be used to sign messages longer than a threshold value. To reduce the size, a hash function is applied to the message and the signing is performed on the shorter-length hash value. In the verification, the same hashing should also be performed.

  4. To have a message authentication code: Having the functionality of message authentication codes is possible using keyed hashes combining the secret key and the message in the hash computation. This is formulated as follows:

    5. MACK(M)=h(K,M)

  5. Hash Chains: You can iteratively apply a hash function n-times to an initial seed value s:

    6. hn(s) = h (hn-1(s))

    This forms a hash chain of length n:

    h(s), h2(s), h3(s), . . . , hn-1(s), hn(s).

This hash chain has similar properties to public-key cryptography in the sense that once you securely distribute the last element of the hash chain (hn(s))to some other party, you can securely authenticate yourself n-times by revealing the hash chain elements in the reverse order one by one. If an attacker intercepts one of the hash chain elements while it is transmitted, it is of no use to him since it will not give any information regarding the next one to be used. This scheme is due to Lamport and usually known as Lamport’s one-time password scheme.

   
   

I.II.Q

[+] Question

[-] Question

Actually, the MAC algorithm given above is not secure. What might be its security problem?

    
   

I.II.Q

[+] Question

[-] Question

Can we also perform encryption using hash functions? How?

    
   
       
 
«previous session [1] [2] [3] [4] next session »
   
       
 
«return to previous section proceed to next section »
  concepts »