More on Hashing and Security
Learn about the fundamentals of hashing, its various security applications including message authentication codes and hash chains, and the potential vulnerabilities and complications associated with them.
More on Hashing and Security • Hashing is useful for various security purposes • Message authentication codes • Hash chains • Breaks on hash algorithms have various bad security effects
Thinking More About Hashing • What is a hashing function? • Takes one value and produces another • The output can’t be used to determine the input • For many hash functions • But the output is also not computable without the input
The Basic Hash Operation • X’ = H(X) • Can’t guess X based on X’ • Can’t produce X’ without knowing X • Given X’, H(), and X, can’t produce Y such that H(Y) = X’ • So, given H(), only someone knowing X could have produced X’
Message Authentication Codes • MACs • Essentially something to authenticate that a message hasn’t changed • A kind of digital signature • Usually used in communications contexts
Authenticating a Message • Could just sign message with public keys • Could hash message and sign with public key • What if you don’t need to authenticate originator? • Just need to be sure it hasn’t changed • Typical case for a MAC
Basic MAC • Take message X • Hash it with function H() • Getting X’ • Attach X’ to X • Receiver checks that X and X’ match • By repeating hash operation H() on X
A Little Problem • If everyone knows H(), everyone can create X’ • Worse, everyone can take Y and produce “proper” Y’ • Attacker can replace X/X’ message with Y/Y’ message • Often need to prevent that . . .
Keyed Hashes • Use HMACs, instead • Keyed-Hash Message Authentication Codes • Feed secret key into input of a hash function • H(X,K) • Often H() is ordinary hash function • Typically by combining key with input • In slightly complex way • Feed combination into hash function • Cheaper than hashing and PK signature of hash
Security of Keyed Hash Functions • Attacker assumed to know H() and X’ • Often knows X • Since hash is used as MAC • Doesn’t know K • If hash function is good, can’t create proper Y’ for arbitrary Y
Hash Security Properties and HMACs • Can’t guess X based on X’ • Important, since X “includes” key • Can’t produce X’ without knowing X • Otherwise attacker can forge messages • Given X’, H(), and X, can’t produce Y such that H(Y) = X’ • Otherwise attacker can create new message with old HMAC
Hash Chains • Say I start with a value X • Now I apply hash function H() • Now I apply H() repetitively to the results • That’s a hash chain
Properties of a Hash Chain • Generally, the values are pseudorandom • X and X’ are not obviously related • If you don’t know H(), the next link is unpredictable • X is not derivable from X’ • Even if you do know H() • So X can be secret, even if you know X’ and H()
Using Hash Chains • Cryptographic key generation • Create a key • Use it for a while • Then use secret hash function on that key to create a new one • If hash’s pseudorandom and non-reversible properties are strong, relatively safe
Reverse Hash Chains • Generate a hash chain • Of some chosen length • Then reverse it
What’s So Great About That? • I know the entire reverse hash chain • I can gradually tell others about it, element by element • When they know , what can I now do? • I can tell them about • They now know something useful
OK, What Do They Know? • That I knew when I told them • They can check that with the hash • So both messages come from the same source • If they authenticated the first message, the hash value authenticates the second
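The reverse hash chain from the three slides above, as an added example that is not part of the original presentation. SHA-256 as H(), the seed value, and the names build_chain, Verifier and max_gap are assumptions of this example; the first disclosed element is assumed to arrive in a message authenticated by other means.

```python
import hashlib
import hmac

def H(value: bytes) -> bytes:
    """One chain link; SHA-256 is this example's choice of H()."""
    return hashlib.sha256(value).digest()

def build_chain(seed: bytes, length: int) -> list:
    """Return [X, H(X), H(H(X)), ...] after `length` applications of H()."""
    chain = [seed]
    for _ in range(length):
        chain.append(H(chain[-1]))
    return chain

class Verifier:
    """Remembers the last accepted element, starting from the anchor."""
    def __init__(self, anchor: bytes):
        self.last = anchor

    def accept(self, revealed: bytes, max_gap: int = 1) -> bool:
        """Accept `revealed` if hashing it 1..max_gap times yields self.last.

        max_gap > 1 tolerates disclosures that were lost in transit.
        """
        candidate = revealed
        for _ in range(max_gap):
            candidate = H(candidate)
            if hmac.compare_digest(candidate, self.last):
                self.last = revealed  # later disclosures must hash to this one
                return True
        return False

def demo() -> dict:
    chain = build_chain(b"constructed-secret-seed", 5)  # constructed sample seed
    reveals = chain[::-1]      # reversed: the END of the chain is disclosed first
    v = Verifier(reveals[0])   # anchor from the authenticated first message
    return {
        "next": v.accept(reveals[1]),              # H(reveals[1]) == anchor
        "replay": v.accept(reveals[1]),            # already consumed, rejected
        "forged": v.accept(H(b"attacker guess")),  # not on the chain, rejected
        "skipped_strict": v.accept(reveals[3]),    # reveals[2] missing, rejected
        "skipped_tolerant": v.accept(reveals[3], max_gap=2),  # gap allowed
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```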
Complications • There are serious issues with this • Cut-and-paste attacks • Man-in-the-middle • We’ll discuss these later • But proper use can allow most authentications to pay hash costs • Much lower than other crypto costs
What If Hash Is Broken? • What if: • You can guess X based on X’? • You can produce X’ without knowing X • Given X’, H(), and X, you can produce Y such that H(Y) = X’ • Which of these produce problems for hash chains?
For Example, The SHA-1 Break • Given X, can calculate a Y that hashes to X’ (using SHA-1) • Means that hash signature of X also matches Y • So attacker can replace X with Y • When is that bad?