Scribd
Upload
29 views4 pages

Hash and MAC Lecture Notes

The document discusses message authentication, emphasizing its purpose of ensuring message integrity, validating origin, and providing non-repudiation through methods like Message Authentication Codes (MAC) and hash functions. It outlines security requirements to protect against various threats and details the properties and functions of MACs and hash functions, including their resistance to attacks. Additionally, it covers the evolution of Secure Hash Algorithms (SHA) and the use of block ciphers in hashing, while addressing potential security threats.

Uploaded by

hamzaafridi1only76
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
29 views4 pages

Hash and MAC Lecture Notes

The document discusses message authentication, emphasizing its purpose of ensuring message integrity, validating origin, and providing non-repudiation through methods like Message Authentication Codes (MAC) and hash functions. It outlines security requirements to protect against various threats and details the properties and functions of MACs and hash functions, including their resistance to attacks. Additionally, it covers the evolution of Secure Hash Algorithms (SHA) and the use of block ciphers in hashing, while addressing potential security threats.

Uploaded by

hamzaafridi1only76
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

Message Authentication and Hash Functions

1. Message Authentication

Purpose:

 Ensures message integrity

 Validates origin of the message

 Provides non-repudiation

Functions used for authentication:

1. Message Encryption

2. Message Authentication Code (MAC)

3. Hash Functions

2. Security Requirements

To secure communications, the system should resist:

 Disclosure (unauthorized message reading)

 Traffic analysis

 Masquerade (pretending to be another)

 Content modification

 Sequence/timing modification

 Source/destination repudiation

3. Message Authentication Code (MAC)

Definition:

 A MAC is a small, fixed-size code created from a message and a


secret key.

 Appended to the message to serve as a signature.

How it works:
 Sender generates MAC from the message and key.

 Receiver recalculates MAC from received message and verifies it


matches.

Key Points:

 Ensures message integrity and authenticity

 Can be used with or without encryption

 Not a digital signature (as it uses symmetric keys)

4. MAC Properties

 MAC is a cryptographic checksum: MAC = C_K(M)

 Fixed-size output from a variable-length message

 Must be computationally hard to forge

Requirements:

 Infeasible to find another message with same MAC

 Uniformly distributed outputs

 Dependent on all bits of the message

5. Symmetric Ciphers for MAC

 Can use block ciphers (e.g., DES in CBC mode)

 Data Authentication Algorithm (DAA):

o Based on DES-CBC

o Uses IV = 0, zero-pads final block

o Uses final block or part of it as MAC (though security may be


limited)

6. Hash Functions

Definition:
 A public, non-keyed function to condense a message: h = H(M)

 Used to detect changes or create digital signatures

Properties:

 One-way function

 Fixed output size regardless of input length

 Resistant to:

o Preimage attacks (given h, hard to find M)

o Second preimage attacks (given M1, hard to find M2 where


H(M1) = H(M2))

o Collision attacks (hard to find any M1, M2 with same hash)

7. Birthday Attacks

 Based on Birthday Paradox

 Effective against 64-bit hashes

 Attack steps:

1. Generate many similar-looking valid messages

2. Generate many fake messages

3. Find two with the same hash

4. Trick someone into signing the valid one and replace with the
fake

Countermeasure: Use larger hash sizes (e.g., 160+ bits)

8. Hash and MAC Algorithms

 Hash Functions: Use compression functions or block ciphers

 MACs: Use block cipher modes or hash functions with a secret key

9. Secure Hash Algorithms (SHA)


 SHA-1 (1995): 160-bit output, now considered weak

 SHA-2 family (2002): SHA-256, SHA-384, SHA-512

o More secure, designed to align with AES

SHA-512 Details:

 Processes 1024-bit blocks

 80 rounds

 Uses a 512-bit buffer and round constants

10. Using Block Ciphers for Hashing

 Use a block cipher like DES without key

 Output from last round used as the hash

 Susceptible to:

o Birthday attacks

o Meet-in-the-middle attacks

11. Hash & MAC Security

Threats:

 Brute-force attacks

 Structural cryptanalysis (exploiting round functions)

 Known MAC pairs used to guess key or break function

You might also like