Scribd
Upload
19 views3 pages

Understanding Hash Functions and Security

The document provides an overview of hash functions, defining them as mathematical algorithms that generate message digests to confirm message identity and integrity, particularly in e-commerce. It discusses characteristics such as being one-way and not requiring keys, as well as their role in password verification and security standards like SHA-1 and SHA-256. Additionally, it addresses threats like rainbow cracking attacks and emphasizes the importance of cryptographic hash functions in various applications, including digital signatures and data integrity.

Uploaded by

minhm0158
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
19 views3 pages

Understanding Hash Functions and Security

The document provides an overview of hash functions, defining them as mathematical algorithms that generate message digests to confirm message identity and integrity, particularly in e-commerce. It discusses characteristics such as being one-way and not requiring keys, as well as their role in password verification and security standards like SHA-1 and SHA-256. Additionally, it addresses threats like rainbow cracking attacks and emphasizes the importance of cryptographic hash functions in various applications, including digital signatures and data integrity.

Uploaded by

minhm0158
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Summary for Slides

1. Overview of Hash Functions

Definition of Hash Functions

 Hash functions are mathematical algorithms.


 They generate a message summary or digest (fingerprint).

Purpose

 Confirm the identity of a specific message.


 Ensure there have not been any changes to the content.

Characteristics

 Do not create ciphertext.


 Confirm message identity and integrity.

Role in E-Commerce

 Critical function for security and data integrity.

Hash Algorithm

 Public functions that create a hash value.


 Convert variable-length messages into a fixed-length value.

2. Characteristics of Hash Functions

 No Keys Required

 Hashing functions do not require keys.


 However, a message authentication code (MAC) can be attached.

 One-Way Function

 Hash functions are one-way and cannot be reversed.

 Use in Password Verification

 Used to confirm user identity in authentication systems.


 The hash value (message digest) is created from the original password.
 Stored hash values are later used for comparison during login.

3. Secure Hash Standard (SHS) and Hash Algorithms

 Standard issued by NIST, defined in FIPS 180-1.

SHA-1

 Secure algorithm for a condensed representation of a message.


 Produces a 160-bit message digest for digital signatures.
 Based on MD4 principles, part of the MDx family by Ronald Rivest.

New Hash Algorithms

 SHA-256, SHA-384, SHA-512 proposed by NIST.


 Standards for 128, 192, 256 bits.
 More bits = stronger collision resistance.

SHA-256

 256-bit block cipher algorithm.


 Encrypts intermediate hash value, using message block as key.
 Compression function on 512-bit blocks → 256-bit digest.

4. Rainbow Cracking Attack and Password Protection

 Rainbow cracking is an attack that uses precomputed hash tables (rainbow tables) to
quickly crack passwords.
 Defense mechanisms:
o Protect hashed password files.
o Limit login attempts.
o Salting: Adds random data to the hash function, making rainbow tables
ineffective.

5. Cryptographic Hash Function

Definition

 A hash function that takes an arbitrary block of data and returns a fixed-size bit
string (hash value).
 Any accidental or intentional change to the data alters the hash value.

Characteristics
 Easy to compute the hash for any message.
 Infeasible to generate a message with a specific hash.
 Infeasible to modify a message without changing its hash.
 Infeasible to find two different messages with the same hash.

Applications

 Used in digital signatures, message authentication codes (MACs), and


authentication.
 Helps in indexing data, fingerprinting, detecting duplicates, and checksums.
 In security, cryptographic hash values are known as digital fingerprints or checksums.

You might also like