Secure digest functions

Hash functions are extremely useful and appear in most information security applications.

A hash function is a mathematical function that converts a numerical input value into another, compressed numerical value. The input to the hash function is of arbitrary length, but the output is usually of fixed length.

Values returned by a hash function are called message digests or simply hash values. The following picture illustrates a hash function −

  1. Fixed Length Output (Hash Value):
  • A hash function converts data of arbitrary length to a fixed length. This process is often referred to as hashing the data.
  • In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions.
  • Since a hash is a smaller representation of larger data, it is also referred to as a digest.
  • A hash function with n-bit output is referred to as an n-bit hash function. Popular hash functions generate values between 160 and 512 bits.

2. Efficiency of Operation:

  • Generally, for any hash function h with input x, computation of h(x) is a fast operation.
  • Computationally, hash functions are much faster than symmetric encryption.

In order to be an effective cryptographic tool, the hash function is expected to possess the following properties −

  1. Pre-Image Resistance:
  • This property means it should be computationally hard to reverse a hash function.
  • In other words, if a hash function h produced a hash value z, then it should be difficult to find any input value x that hashes to z.
  • This property protects against an attacker who only has a hash value and is trying to find the input.

2. Second Pre-Image Resistance

  • This property means that, given an input and its hash, it should be hard to find a different input with the same hash.
  • In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x).
  • This property protects against an attacker who has an input value and its hash, and wants to substitute a different value as the legitimate value in place of the original input value.

3. Collision Resistance

  • This property means it should be hard to find two different inputs of any length that result in the same hash. A hash function with this property is also referred to as a collision-free hash function.
  • In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y).
  • Since a hash function is a compressing function with a fixed hash length, it is impossible for a hash function not to have collisions. The collision-free property only means that these collisions should be hard to find.
  • This property makes it very hard for an attacker to find two input values with the same hash.
  • Also, if a hash function is collision-resistant then it is second pre-image resistant.
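
The difference between these properties shows up clearly on a deliberately tiny hash. The following added example (not part of the original article) truncates SHA-256 to 16 bits, an assumed toy size, and searches for a collision and for a second pre-image; the helper names and sample messages are constructed for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # toy digest size (assumption); real digests are 160-512 bits


def h(data: bytes) -> int:
    """SHA-256 truncated to BITS bits: a deliberately small n-bit hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - BITS)


def find_collision():
    """Find any x != y with h(x) == h(y). Returns (x, y, tries)."""
    seen = {}  # hash value -> first input that produced it
    for i in count():
        x = b"msg-%d" % i  # constructed, distinct inputs
        z = h(x)
        if z in seen:
            return seen[z], x, i + 1
        seen[z] = x


def find_second_preimage(x: bytes):
    """For one fixed x, find y != x with h(y) == h(x). Returns (y, tries)."""
    target = h(x)
    for i in count():
        y = b"forged-%d" % i
        if y != x and h(y) == target:
            return y, i + 1


if __name__ == "__main__":
    a, b, n = find_collision()
    print(f"collision after {n} inputs: {a!r} / {b!r} -> {h(a):#06x}")
    original = b"original document"
    y, m = find_second_preimage(original)
    print(f"second pre-image after {m} inputs: {y!r} -> {h(y):#06x}")
    # With 2**16 possible outputs, 2**16 + 1 distinct inputs must collide
    # (pigeonhole). The birthday effect finds a collision after roughly
    # 2**8 inputs, while a second pre-image needs about 2**16 tries.
```

At real digest sizes the same two searches become infeasible, which is what the properties above require.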

At the heart of hashing is a mathematical function that operates on two fixed-size blocks of data to create a hash code. This hash function forms part of the hashing algorithm.

The size of each data block varies depending on the algorithm. Typically the block sizes are from 128 bits to 512 bits. The following illustration demonstrates a hash function −

A hashing algorithm involves rounds of the above hash function, like a block cipher. Each round takes an input of a fixed size, typically a combination of the most recent message block and the output of the last round.

This process is repeated for as many rounds as are required to hash the entire message. A schematic of the hashing algorithm is depicted in the following illustration −

The hash value of the first message block becomes an input to the second hash operation, the output of which alters the result of the third operation, and so on. This effect is known as the avalanche effect of hashing.

The avalanche effect results in substantially different hash values for two messages that differ by even a single bit of data.

Understand the difference between a hash function and a hashing algorithm correctly. The hash function generates a hash code by operating on two blocks of fixed-length binary data.

A hashing algorithm is a process for using the hash function, specifying how the message will be broken up and how the results from previous message blocks are chained together.
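
The chaining and the avalanche effect described above can be observed directly. This added example (not from the original article) builds a toy iterated hash: the compression function is a stand-in made from truncated SHA-256, and the 128-bit block size, zero IV and padding scheme are assumptions chosen for illustration.

```python
import hashlib

BLOCK = 16          # message block size in bytes (128 bits, assumed)
STATE = 16          # chaining value size in bytes (assumed)
IV = bytes(STATE)   # fixed initial chaining value (assumed all zeros)


def compress(chaining: bytes, block: bytes) -> bytes:
    """Stand-in hash function: two fixed-size inputs, one fixed-size output."""
    return hashlib.sha256(chaining + block).digest()[:STATE]


def pad(msg: bytes) -> bytes:
    """Append 0x80, zero bytes and the 8-byte bit length; result is a multiple of BLOCK."""
    padded = msg + b"\x80"
    padded += bytes(-(len(padded) + 8) % BLOCK)
    return padded + (8 * len(msg)).to_bytes(8, "big")


def chain(msg: bytes) -> list:
    """Hashing algorithm: return the chaining value after every round.

    The last element is the digest of the whole message.
    """
    data, state, states = pad(msg), IV, []
    for i in range(0, len(data), BLOCK):
        state = compress(state, data[i:i + BLOCK])
        states.append(state)
    return states


def flip_bit(msg: bytes, bit: int) -> bytes:
    """Return a copy of msg with one bit inverted."""
    out = bytearray(msg)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def bits_changed(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length values differ."""
    return bin(int.from_bytes(a, "big") ^ int.from_bytes(b, "big")).count("1")


if __name__ == "__main__":
    msg = bytes(range(64))                      # constructed 4-block message
    other = flip_bit(msg, 2 * BLOCK * 8 + 3)    # one bit changed in the third block
    for n, (s, t) in enumerate(zip(chain(msg), chain(other))):
        print(f"round {n}: {bits_changed(s, t):3d} of {STATE * 8} bits differ")
```

Rounds before the changed block produce identical chaining values; from the changed block onward about half of the bits differ in every round, including the final digest.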

Let us briefly look at some popular hash functions −

  1. Message Digest (MD)

MD5 was the most popular and widely used hash function for quite some years.

  • The MD family comprises the hash functions MD2, MD4, MD5 and MD6. It was adopted as Internet Standard RFC 1321. It is a 128-bit hash function.
  • MD5 digests have been widely used in the software world to provide assurance about the integrity of a transferred file. For example, file servers often provide a pre-computed MD5 checksum for the files, so that a user can compare the checksum of the downloaded file to it.
  • In 2004, collisions were found in MD5. An analytical attack was reported to be successful in only an hour using a computer cluster. This collision attack compromised MD5, and hence it is no longer recommended for use.

2. Secure Hash Function (SHA)

The SHA family comprises four SHA algorithms: SHA-0, SHA-1, SHA-2, and SHA-3. Though from the same family, they are structurally different.

  • The original version, SHA-0, a 160-bit hash function, was published by the National Institute of Standards and Technology (NIST) in 1993. It had a few weaknesses and did not become very popular. Later, in 1995, SHA-1 was designed to correct the alleged weaknesses of SHA-0.
  • SHA-1 is the most widely used of the existing SHA hash functions. It is employed in several widely used applications and protocols, including Secure Socket Layer (SSL) security.
  • In 2005, a method was found for uncovering collisions for SHA-1 within a practical time frame, making the long-term employability of SHA-1 doubtful.
  • The SHA-2 family has four further SHA variants, SHA-224, SHA-256, SHA-384, and SHA-512, depending on the number of bits in their hash value. No successful attacks have yet been reported on the SHA-2 hash function.
  • SHA-2 is a strong hash function. Though significantly different, its basic design still follows the design of SHA-1. Hence, NIST called for new competitive hash function designs.
  • In October 2012, NIST chose the Keccak algorithm as the new SHA-3 standard. Keccak offers many benefits, such as efficient performance and good resistance to attacks.

  1. Password Storage: Hash functions provide protection for password storage.
  • Instead of storing passwords in the clear, almost all logon processes store the hash values of passwords in the file.
  • The password file consists of a table of pairs in the form (user id, h(P)).

2. Data Integrity Check: Data integrity checking is one of the most common applications of hash functions. It is used to generate checksums on data files. This application provides assurance to the user about the correctness of the data.
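
For the password-storage application above, this added example (not from the original article) contrasts the plain (user id, h(P)) table with a salted, iterated variant built on PBKDF2 from Python's standard library. The user names, passwords and the iteration count are constructed values and assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (assumption); tune for your hardware


def plain_entry(user: str, password: str):
    """Table row exactly as described: (user id, h(P)) with a single fast hash."""
    return user, hashlib.sha256(password.encode()).hexdigest()


def salted_entry(user: str, password: str, salt: bytes = None):
    """Hardened row: (user id, salt, PBKDF2-HMAC-SHA256(P, salt))."""
    salt = salt or os.urandom(16)  # unique random salt per user
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return user, salt, derived


def verify(entry, password: str) -> bool:
    """Recompute the derived value with the stored salt and compare in constant time."""
    _, salt, stored = entry
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    # Constructed sample accounts: two users who chose the same password.
    alice, bob = plain_entry("alice", "Winter2024"), plain_entry("bob", "Winter2024")
    print("plain rows share a hash:", alice[1] == bob[1])      # True

    s_alice = salted_entry("alice", "Winter2024")
    s_bob = salted_entry("bob", "Winter2024")
    print("salted rows share a hash:", s_alice[2] == s_bob[2])  # False

    print("correct password accepted:", verify(s_alice, "Winter2024"))
    print("wrong password rejected:", not verify(s_alice, "winter2024"))
```

With the plain table, anyone who reads the file can see which users share a password and can test guesses at full hash speed; the per-user salt and the iteration count remove both shortcuts.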

B.Sc. in Software Engineering, University of Kelaniya, Sri Lanka.