Hash functions are mathematical
algorithms that generate a message summary or digest (sometimes called a
fingerprint) to confirm the identity of a specific message and to confirm that
there have not been any changes to the content.
Hash functions do not create any
ciphertext, they confirm message identity
and integrity. Hash algorithms are public functions that
create a hash value, also known as a message
digest. By converting variable-length message into a single fixed-length
value.
Hash functions are used in many
different contexts in information security. Hash functions also plays an
important role in security protocols.
Hash functions come under broad category of ciphers. Hash functions are
extremely useful in security. One particularly
important use of hash function arises in the computation of digital signatures.
Applications
of hash function: -
1) Authentication
2)
Message
integrity (using HMAC)
3)
Message
fingerprinting
4)
Error
detection
5)
Digital
signature efficiency
6)
Hash
functions can be used to protect integrity.
Key
Points of Hash Functions: -
- The world’s most popular hash function is SHA-1 which is a U.S government standard. SHA stands for Secure Hash Algorithm. Cryptographic hash functions SHA-1 and MD5 hash message in blocks, where each block passes through some number of rounds.
- The SHA-1 algorithm is very similar to MD5. The major practical difference between the two is that SHA-1 generates a 160-bit output, which provides a significant margin of safety over MD5.
- A hash function effectively gives us a fingerprint of a file; we should also be able to use hash to verify message integrity.
One-way
Hash Function: -
An alternative to message authentication
code is the one-way hash function. With the message authentication code, a hash
function accepts a variable-size message M as input and produces a fixed-size
message digest, H(M) as output.
A hash function does not take a secret
key as input. To authenticate a message, the message digest is sent with the
message in such a way that the message digest is authentic.
A cryptographic hash function h(x)
provides: -
1)
Compression
2)
Efficiency
3)
Weak
collision resistance
4)
Strong
collision resistance
Hash
function Requirements: - The purpose of a hash function is to
produce a “fingerprint” of a file, message or other block of data. To be useful
for message authentication, a hash function H must have the following
properties:
1) H can
be applied to a block of data of any size.
2) H
produces a fixed length output.
3) H(x)
is relatively easy to compute for any given x, making both hardware and software
implementation practical.
4) For any
given code h, it is computationally infeasible to find x such that H(x)_h. A
hash function with this property is referred to as one-way or preimage resistant.
5) For
any given block x, it is computationally infeasible to find x such that H(x)_H(y).
A hash function with this property is referred as second preimage resistant.
This sometimes referred to as weak collision resistant.
6) It is
computationally infeasible to find any pair (x,y) such that H(x)_H(y). A hash function
with this property is referred to as collision resistant. This is sometimes
referred to as strong collision resistant.
SECURITY OF HASH FUNCTIONS: - As with symmetric encryption, there are two
approaches to attacking a secure hash function:
·
cryptanalysis
·
brute-force attack.
The strength of a hash function against brute-force-attack
depends solely on the length of the hash code produced by the algorithm.