Hash Functions Flashcards Preview

CS6035 IIS > Hash Functions > Flashcards

Flashcards in Hash Functions Deck (11):

what is weak collision resistant?

given m1, it's computational infeasible to find another m whose has value is the same as m1


what is strong collision resistant?

computationally infeasible that any 2 numbers have the same hash value


hash function provides what function

message authentication


what is the result of hash function

given a message digest of any size, it outputs a fixed size hash of 512-1024 bits


Hash function weakness

pigeon hole principle with birthday paradox can compute the probability that you can violate the weak collision and have 2 hash values for different m's.

For an attacker to have the likelihood of finding another hash value same as victim's, they will have to make sqrt(hashBitSize) guesses


what characteristic would make hash values more difficult to exploit

longer hash values
today hash values are 128 bits, which means the guesser would have to make
X^(128/2) guesses to make likelihood of guessing the correct hash value > 50%. this is deemed computational infeasible


What's name of most common NIST-supported hash algorithm

originally 160 bits, but now 256-512 bits
the max message size must be less than 2^(128)


Describe the SHA512 algorithm

entire block to be hashed includes original message, length of message, and 10...0 padding. cut into blocks of 1024.
An Injection vector is used, and first block is hashed and fed into next block to be hashed, and subsequently fed into next block before hashing
80 rounds in which each round includes circular shifts, and boolean AND,NOT, OR, etc. operations with the previous hash, key, and message block


Advantages of Hash-based Message authentication

Hash functions are efficient to compute and hash library code is widely available


Why not use SHA-1 for Hash-based Message authentication? what instead is used?

SHA-1 doesn't rely on a secret key
HMAC is used because it incorporates secret key that's prepended to original message, ipad and opad are XOR'd to eliminate irregularities in secret key


Why is HMAC preferred over SHA to guard against collision attacks?

It's much harder to guess the secret key that's in HMAC as long as HMAC is one-way and collision resistant