cryptography and network security - sha512
TRANSCRIPT
![Page 1: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/1.jpg)
Cryptography and Network Security
1
![Page 2: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/2.jpg)
Hash Functions Hash Functions
◦ condense arbitrary size message to fixed size◦ by processing message in blocks◦ through some compression function◦ either custom or block cipher based◦ It takes variable length block of data M as input and produces a
fixed size hash value hwhere h=H(M)
2
![Page 3: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/3.jpg)
3
![Page 4: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/4.jpg)
Use Of Hash Functions
4
![Page 5: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/5.jpg)
Hash FunctionsProperties of good hash function◦ Output produced is truly random in nature and evenly
distributed.◦ A change to any bit or bits in Message should result into big
change in the hash code.
5
![Page 6: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/6.jpg)
Cryptographic Hash FunctionIt is an algorithm for which it is computationally infeasible to
find: A data object that maps to predefined hash result (one
way property)
Two data objects that maps to the same hash result( collision free property)
Because of these characters hash function are often used to determine whether or not data has changed
6
![Page 7: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/7.jpg)
Properties of Hash Function
7
![Page 8: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/8.jpg)
Iterated hash function All cryptographic hash functions need to create a fixed-size digest out of a variable-size message . Creating such function is best accomplished using iterations Instead of using variable-size input, a function with fixed size input is created and is used a necessary number of times. This fixed-size input is referred as compression functioncompression function. It compresses an n-bit string to create an m-bit string where n is greater than m. this scheme is iterated cryptographic hash iterated cryptographic hash functionsfunctions.
8
![Page 9: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/9.jpg)
Two groups of Compressionfunctions
Two approaches compression function is made from Scratch hash functions based on block ciphers
First approach
1.Message digest (MD)
2.Secure hash algorithm (SHA)
9
![Page 10: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/10.jpg)
Secure Hash Algorithm(SHA)
• The Secure Hash Algorithm is a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard (FIPS). It sometimes referred to as Secure Hash Standard (SHS).
10
![Page 11: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/11.jpg)
SHA-0Published in 1993
160-bit hash function
It was withdrawn shortly after publication due to an undisclosed "significant flaw" and replaced by the slightly revised version SHA-1
11
![Page 12: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/12.jpg)
SHA-1Published in 1995 160-bit hash function based on MD-5 algorithmdesigned by the National Security Agency (NSA) to be part of the Digital Signature Algorithm.Cryptographic weaknesses were discovered in SHA-1, and the standard was no longer approved for most cryptographic uses after 2010.
12
![Page 13: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/13.jpg)
SHA-2Published in 2001.Was wholly accepted by cryptographers in the year 2011. A family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512.They differ in the word size; SHA-256 uses 32-bit words where SHA-512 uses 64-bit words.
13
![Page 14: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/14.jpg)
Secure Hash Algorithm(SHA)SHA originally designed by NIST & NSA in 1993was revised in 1995 as SHA-1US standard for use with DSA signature scheme
◦ standard is FIPS 180-1 1995, also Internet RFC3174◦ nb. the algorithm is SHA, the standard is SHS
based on design of MD5 with key differences produces 160-bit hash values recent 2005 results on security of SHA-1 have raised concerns on its use in future applications
14
![Page 15: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/15.jpg)
Revised Secure Hash Standard
NIST issued revision FIPS 180-2 in 2001 adds 3 additional versions of SHA
◦ SHA-256, SHA-384, SHA-512
designed for compatibility with increased security provided by the AES cipher
structure & detail is similar to SHA-1 hence analysis should be similar but security levels are rather higher
15
![Page 16: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/16.jpg)
SHA IS BASED ON MERKEL DAMGARD SCHEME
16
![Page 17: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/17.jpg)
Merkel Damgard Scheme
17
![Page 18: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/18.jpg)
18
![Page 19: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/19.jpg)
19
![Page 20: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/20.jpg)
Message Digest Generation Using SHA-512
20
![Page 21: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/21.jpg)
The processing of SHA-512 consists of the following steps: • Step 1: Append padding bits • Step 2: Append length • Step 3: Initialize hash buffer • Step 4: Process the message in 1024-bit (128-word) blocks, which forms the heart of the algorithm • Step 5: Output the final state value as the resulting hash
21
![Page 22: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/22.jpg)
Padding bits to be appended in step 1
The message is padded so that its length is congruent to 896 modulo 1024 [length = 896(mod 1024)]
This padding is always added, even if the message is in desired length already.
Thus number of padding bits is in the range 1 to 1024.
It consists of a single 1 followed by necessary no. of 0’s.
22
![Page 23: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/23.jpg)
Appending length in step 2 Here we add 128 bits consisting of the length of the original message (before padding in Step 1).
The length of the message is taken in hexadecimal format for adding in this 128 bit pad.
Thus the length of the block becomes of length 1024 ( = 896 + 128).
23
![Page 24: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/24.jpg)
Length Field and Padding
( |M| + |P| + 128 ) = 0 mod 1024 -> |P| = ( - |M| - 128 ) MOD 1024
Format of the padding is one 1 followed by the necessary number of 0s
24
![Page 25: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/25.jpg)
Initialize Hash Buffer A 512-bit buffer is used to hold intermediate and final results of the hash function. The buffer can be represented as eight 64-bit registers (a, b, c, d, e, f, g, h). These registers are initialized to the following 64-bit integers (hexadecimal values):
a = 6A09E667F3BCC908 e = 510E527FADE682D1
b = BB67AE8584CAA73B d = A54FF53A5F1D36F1
c = 3C6EF372FE94F82B f = 9B05688C2B3E6C1F
g = 1F83D9ABFB41BD6B h = 5BE0CDI9137E2179
These values are stored in big-endianformat, which is the most significant byte of a word in the low-address (leftmost) byte position. These words were obtained by taking the first sixty-four bits of the fractional parts of the square roots of the first eight prime numbers.
25
![Page 26: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/26.jpg)
SHA-512 Compression Function
heart of the algorithmprocessing message in 1024-bit blocksconsists of 80 roundsupdating a 512-bit buffer divided in eight blocks, based on fractional
part of square root of first 8 prime numbersusing a 64-bit value Wt derived from the current message blockand a round constant based on cube root of first 80 prime numbers
26
![Page 27: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/27.jpg)
27
![Page 28: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/28.jpg)
28
![Page 29: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/29.jpg)
SHA-512 Round Function
29
![Page 30: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/30.jpg)
The elements are:
Ch(e,f,g) = (e AND f) XOR (NOT e AND g) Maj(a,b,c) = (a AND b) XOR (a AND c) XOR (b AND c) ∑(a) = ROTR(a,28) XOR ROTR(a,34) XOR ROTR(a,39) ∑(e) = ROTR(e,14) XOR ROTR(e,18) XOR ROTR(e,41) + = addition modulo 2^64 Kt = a 64-bit additive constant Wt = a 64-bit word derived from the current 512-bit input block.
30
![Page 31: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/31.jpg)
Calculation of W Wt is used in each of the 80 rounds of each block where t = ( 0 to 79). Each wt is of length 64 bits
Wt is calculated as follows: First 16 Wt’s(0 to 15) are taken as it is from the message (16 x 64=1024).
Rest of the Wt’s are calculated using the formula – Wt= ∂1(x) [W(t-2)] + W(t-7) + ∂0(x) [W(t-15)] + W(t-16).
31
![Page 32: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/32.jpg)
Where, ∂0(x) = ROTR(x,1) XOR ROTR(x,8) XOR SHR(x,7) ∂1(x) = ROTR(x,19) XOR ROTR(x,61) XOR SHR(x,6).
32
![Page 33: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/33.jpg)
The structure of each of the 80 rounds is shown. Each 64-bit word shuffled along one place, and in some cases manipulated using a series of simple logical functions (ANDs, NOTs, ORs, XORs, ROTATEs), in order to provide the avalanche & completeness properties of the hash function.
33
![Page 34: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/34.jpg)
Initialize hash values: first 64 bits of the fractional parts of the square roots of the first 8 primes 2..19):
h[0..7] := 0x6a09e667f3bcc908, 0xbb67ae8584caa73b, 0x3c6ef372fe94f82b, 0xa54ff53a5f1d36f1, 0x510e527fade682d1, 0x9b05688c2b3e6c1f, 0x1f83d9abfb41bd6b, 0x5be0cd19137e2179
34
![Page 35: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/35.jpg)
k[0..79] := [0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc, 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118, 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2, 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694, 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65, 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5, 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4, 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70, 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df, 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b, 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30, 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8, 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8, 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3, 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec, 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b, 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178, 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b, 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c, 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817]
35
![Page 36: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/36.jpg)
Applications The SHA-2 hash function is implemented in some widely used security applications and protocols, including TLS and SSL, PGP, SSH
SHA-512 is part of a system to authenticate archival video from the International Criminal Tribunal of the Rwandan genocide
36
![Page 37: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/37.jpg)
TLS and SSL Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols are in widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP).
37
![Page 38: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/38.jpg)
Pretty Good Privacy Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
38
![Page 39: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/39.jpg)
DNSSEC The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks.
39
![Page 40: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/40.jpg)
It is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality.
40
![Page 41: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/41.jpg)
SSH Secure Shell, or SSH, is a cryptographic (encrypted) network protocol to allow remote login and other network services to operate securely over an unsecured network.
SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server.
41
![Page 42: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/42.jpg)
Features of SHA-512 The algorithm is used to compute a message digest for a message or data file that is provided as input. The message or data file should be considered to be a bit string. The length of the message is the number of bits in the message (the empty message has length 0).
42
![Page 43: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/43.jpg)
If the number of bits in a message is a multiple of 8, for compactness we can represent the message in hex.
The purpose of message padding is to make the total length of a padded message a multiple of 512.
43
![Page 44: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/44.jpg)
Why not SHA-1? SHA-1 , a standard hash function developed by NIST, creates digests of 160 bits. The function is attacks. To launch a collision attack, the adversary needs to test 2160/2 = 280 tests in the collision algorithm. Even if the adversary can perform 230 (more than one billion) tests in a second, it takes 250 seconds (more than ten thousand years) to launch an attack..
44
![Page 45: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/45.jpg)
Drawback of SHA-2? The SHA-2 functions were not quickly adopted, despite better security than SHA-1.
Reasons might include lack of support for SHA-2 on systems running Windows XP SP2 or older and a lack of perceived urgency since SHA-1 collisions have not yet been found.
45
![Page 46: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/46.jpg)
SHA-512 is secure The new hash function, that is a NIST standard, is SHA-512 , which has a 512-bit digest. This function is definitely resistant to collision attacks based on the Random Oracle Model. It needs 2512/2 = 2256 tests to find a collision with the probability of 1/2.
46
![Page 47: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/47.jpg)
47
![Page 48: Cryptography and network security - Sha512](https://reader034.vdocuments.us/reader034/viewer/2022042723/5870f8a81a28ab5f528b531d/html5/thumbnails/48.jpg)
48