Documente Academic
Documente Profesional
Documente Cultură
Reliability
Transmission errors
Corruption of stored data
Security
Manipulation of data in transmission
Manipulation of stored data
Hash functions
keys
hash
function
hashes
John Smith
Lisa Smith
Sam Doe
Sandra Dee
Requirements:
Efficiency: less that log2 n comparisons
Determinism: always maps the same input to the same output
Small probability of collisions
Uniformity: equal probability of output values
00
01
02
03
04
05
:
15
h(k) = k mod m
Multiplication method:
Hashing
algorithm
Message
Bob
Alice
Message
Message
Hashing
algorithm
Message
Transmit
Message
digest
Message
digest
Message
digest
Message
digest
equal?
Message
digest
Alice
Eve
Bob
Message A
Message A
Message B
Message B
Message A
digest
Message A
digest
Message B
digest
Message B
digest
Hashing
algorithm
Message B
Message B
digest
equal?
Message B
digest
Hashing
algorithm
Message
Bob
Alice
Message
Hashing
algorithm
Message
Message
Message
digest
Shared
secret
Transmit
Shared
secret
Message
digest
Message
digest
Message
digest
equal?
Message
digest
A birthday paradox
How many people must be in a room for someone to have
the same birthday as you?
A birthday paradox
How many people must be in a room for someone to have
the same birthday as you? (365)
A birthday paradox
How many people must be in a room for someone to have
the same birthday as you? (365)
How many people must be in a room for some people to
have the same birthday?
A birthday paradox
How many people must be in a room for someone to have
the same birthday as you? (365)
How many people must be in a room for some people to
have the same birthday? (23)
A birthday paradox
How many people must be in a room for someone to have
the same birthday as you? (365)
How many people must be in a room for some people to
have the same birthday? (23)
Probability that n people have different birthdays is:
2
n1
P(n) = 1 1 1
1
... 1
365
365
365
1 2
n1
e 365 e 365 . . . e 365
n2
n1
n=
2 ln 2
365 = 22.54
For an ideal hash function with the output size n, it should take
IV
x1
x2
...
xn
s1 = IV + x1
si = si1 + xi ,
i = 2, . . . , n
x1
IV
x2
xn
f
s1
s2
...
f
sn
MD5 algorithm
Pad a message to a the length 448
mod 512, add message length as a
64-bit value.
A
F
Mi
Ki
compute A + fi (B, C, D)
add Mi = wgi
add Ki = b| sin(i + 1)| 232 c
shift left by si positions
Add B and save in B, C B, D C, A D
<<<s
Insecurity of MD5
SHA-1 algorithm
F
<<<5
Wt
<<<30
Kt
Authentication
Bob
TTP
Alice
A, K A ( B, P)
K B ( A, P, KT ( A, P))
Identity of A is proved to T by KA .
The fact of As sending a message is proved by KT (A, P).
Bobs computer
Alices
private key,
K rA
Alices
public key,
K uA
DKrA ( P)
Alices private
key, K rA
Alices
plaintext
message
M
SHA-1
algorithm
ElGamal
algorithm
DKrA ( H )
Sent
to
Bob
Private
key
Signature
algorithm
Message
Bob
Alice
Message
Message
Hashing
algorithm
Message
Transmit
Message
digest
Message
digest
Message
digest
Public
key
Public
key
Message
digest
equal?
Message
digest
Private
key
Signature
algorithm
Message
Eve
Bob
Message
Message
Hashing
algorithm
Message
Transmit
Message
digest
Message
digest
Message
digest
Public
key
Public
key
Message
digest
equal?
Message
digest
Signature computation
+
CA << A >>= KCA
[V, SN, AI, CA, TA , A, KA
],
where
V : X.509 version
SN : certificate serial number
AI : Algorithm ID
CA : certificate authority name
TA : validity timespan of the certificate
A : subject name
+
KA
: subject public key
Certificate chains
D
F
Summary