
Unit-3 Message Authentication

Message authentication is a crucial concept in cryptography that ensures the integrity and
authenticity of a message. It provides a way to verify that a message has not been tampered
with during transmission and that it was indeed sent by the claimed sender.

There are several methods and techniques used for message authentication, including:

1. Message Digests (Hash Functions): A hash function takes an input (the message)
and produces a fixed-size output called a hash or message digest. Hash functions
have the property that even a small change in the input will result in a significantly
different output. By comparing the hash value of the received message with the hash
value computed by the recipient, one can verify whether the message has been
altered. Common hash functions include SHA-256 and MD5.

2. Digital Signatures: Digital signatures combine message authentication with the
concept of non-repudiation. They involve the use of asymmetric key pairs (public and
private keys). The sender signs the message using their private key, and the recipient
can verify the signature using the sender's public key. If the signature is valid, the
recipient can be assured that the message hasn't been tampered with and was sent
by the legitimate sender.

3. MAC (Message Authentication Code): A MAC is a short piece of information used
to authenticate a message. It's generated using a secret key and the message's
content. The recipient can verify the authenticity of the message by computing the
MAC using the same key and checking if it matches the received MAC.
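The difference between methods 1 and 3, shown as an added Python example (not part of the original notes): a bare digest can be recomputed by anyone who alters the message, while a MAC cannot be recomputed without the shared key. HMAC-SHA-256 is chosen here as the MAC; the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

def sha256_digest(message: bytes) -> bytes:
    """Unkeyed message digest: anyone can compute it for any message."""
    return hashlib.sha256(message).digest()

def make_mac(key: bytes, message: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA-256): computing it requires the shared secret."""
    return hmac.new(key, message, hashlib.sha256).digest()

def receiver_accepts_digest(message: bytes, digest: bytes) -> bool:
    """Receiver recomputes the digest and compares it with the received one."""
    return hmac.compare_digest(sha256_digest(message), digest)

def receiver_accepts_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver recomputes the MAC with the shared key; the comparison is
    constant-time so the check does not leak how many bytes matched."""
    return hmac.compare_digest(make_mac(key, message), tag)

def simulate_tampering() -> dict:
    """Constructed scenario: the message is altered in transit by a party
    that does not hold the key."""
    key = b"constructed-demo-key-not-for-production"
    original = b"transfer 100 to account 12345"
    altered = b"transfer 900 to account 99999"

    sent_tag = make_mac(key, original)
    # Without the key, the altering party can still recompute a plain digest
    # for the new content, but can only replay the old MAC tag.
    replaced_digest = sha256_digest(altered)

    return {
        "untampered_mac_accepted": receiver_accepts_mac(key, original, sent_tag),
        "tampered_digest_accepted": receiver_accepts_digest(altered, replaced_digest),
        "tampered_mac_accepted": receiver_accepts_mac(key, altered, sent_tag),
    }
```
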

Hash Function

A hash function is a mathematical algorithm that takes an input (or "message") and produces
a fixed-size string of characters, which is typically a sequence of numbers and letters. The
output, often referred to as a hash value or hash code, appears random and is designed to
be unique to the input data. Hash functions are widely used in various areas of computer
science, including cryptography, data structures, and digital signatures.

Here are some key characteristics and uses of hash functions:

1. Deterministic: Given the same input, a hash function will always produce the same
hash value. This property is crucial for verification purposes.

2. Fixed Output Size: Hash functions produce a hash value of a consistent length,
regardless of the input size. For example, SHA-256 produces a 256-bit (32-byte)
hash value.

3. Pre-image Resistance: It should be computationally infeasible to reverse-engineer
the original input from the hash value. This property ensures that hash functions can
be used for storing sensitive data like passwords without exposing the actual
password.

4. Collision Resistance: It should be extremely unlikely for two different inputs to
produce the same hash value. Collisions weaken the security of hash functions and
can be exploited by attackers.

5. Avalanche Effect: A small change in the input should produce a significantly
different hash value. This ensures that even a tiny alteration in the input will lead to a
completely different hash.

Hash functions have a multitude of applications, including:

1. Data Integrity: Hash functions are used to verify the integrity of data during
transmission. By comparing the hash value of received data with the hash value
computed from the original data, one can detect whether the data has been
tampered with.

2. Digital Signatures: Hash functions are used in digital signature schemes to create
and verify signatures. A hash value of a message is signed using a private key,
providing authentication and non-repudiation.

3. Cryptographic Algorithms: Hash functions are used as building blocks for more
complex cryptographic algorithms, such as key derivation functions (KDFs) and
message authentication codes (MACs).

4. Data Structures: Hash functions are used in hash tables and hash maps to quickly
retrieve data from large datasets.

5. Password Storage: Hash functions are used to securely store passwords by
hashing them before storage. When a user logs in, the hash of the entered password
is compared with the stored hash.

Popular hash functions include MD5, SHA-1, SHA-256, and SHA-3, each with varying levels
of security and recommended usage. When selecting a hash function, it's important to
consider factors like collision resistance, cryptographic strength, and potential vulnerabilities.

Hash Function vs Secure Hash Function

Hash Function:

A hash function is a mathematical algorithm that takes an input (message) and produces a
fixed-size output (hash value). It maps input data of arbitrary size to a fixed-length sequence
of characters, which typically appears as a random string of numbers and letters. Hash
functions are used in various applications, such as data structures, checksums, and digital
signatures. They have multiple characteristics, including:
1. Deterministic: Given the same input, a hash function will always produce the same
hash value.
2. Fixed Output Size: Hash functions produce hash values of a consistent length.
3. Fast Computation: Hash functions are designed to be computationally efficient.
4. Avalanche Effect: A small change in the input produces a significantly different hash
value.
5. Pre-image Resistance: It's computationally infeasible to reverse-engineer the
original input from the hash value.
6. Collision Resistance: It's highly unlikely for two different inputs to produce the same
hash value.

Secure Hash Function:

A secure hash function is a hash function that meets certain criteria to provide a higher level
of security in cryptographic applications. Secure hash functions possess the properties of
regular hash functions while emphasizing additional security features, such as:

1. Collision Resistance: It's extremely difficult to find two different inputs that produce
the same hash value.
2. Second Pre-image Resistance: Given an input, it's computationally infeasible to
find another input with the same hash value.
3. Resistance to Length Extension Attacks: The hash function should not be
susceptible to attacks that exploit its properties to append data to an existing hash
value.

Secure hash functions are designed to withstand various types of attacks, including collision
attacks and birthday attacks, which are vulnerabilities that can arise in hash functions that
lack these security properties.

In summary, a hash function is a broad concept that involves mapping data to a fixed-size
output, while a secure hash function is a specific type of hash function that meets rigorous
security criteria to protect against various cryptographic attacks. It's important to use secure
hash functions in security-sensitive applications to ensure the integrity, authenticity, and
confidentiality of data.

Message Digest

A message digest, also known as a hash value or hash code, is the output generated by a
hash function when applied to an input (often called a "message"). The main purpose of a
message digest is to represent the input data in a concise and fixed-size manner. Message
digests have various applications in computer science, cryptography, and information
security.

Here are the key points about message digests:

Fixed Size: Regardless of the size of the input data, a hash function produces a message
digest of a consistent length. For example, a common hash function like SHA-256 produces
a 256-bit (32-byte) message digest.

Deterministic: Given the same input data, a hash function will always produce the same
message digest. This deterministic behavior is essential for verifying data integrity and
authenticity.

Unique Output: A well-designed hash function strives to produce unique message digests
for distinct inputs. However, due to the limited size of the output space, there's always a
possibility of different inputs resulting in the same digest. This is known as a collision.

Avalanche Effect: A small change in the input data should result in a significantly different
message digest. This ensures that even a minor alteration in the input produces a
completely different output.

Irreversibility: It should be computationally infeasible to deduce the original input from the
message digest. This property helps protect sensitive information.

Message digests are used in various applications:

Data Integrity: By comparing the message digest of received data with the calculated digest
of the original data, one can determine whether the data has been tampered with during
transmission.

Digital Signatures: In digital signature schemes, the signer applies a hash function to the
message and then signs the resulting digest with their private key. The recipient can use the
signer's public key to verify the signature and therefore the authenticity of the message.

Password Storage: Hash functions are used to securely store passwords by hashing them
before storage. When a user logs in, the system hashes the entered password and
compares it to the stored hash.

Data Deduplication: Message digests are used in data deduplication processes to identify
and eliminate duplicate copies of data.

Common hash functions used for generating message digests include SHA-256, SHA-512,
and MD5 (although MD5 is considered weak due to vulnerabilities). It's important to choose
a hash function that meets the security requirements of the specific application, as well as
consider potential vulnerabilities and the risk of collisions.

MD5 Algorithm

MD5 (Message Digest Algorithm 5) is a widely known cryptographic hash function that was
developed by Ronald Rivest in 1991. It takes an input (message) and produces a 128-bit
(16-byte) hash value. MD5 was designed to provide data integrity and authenticity through
its ability to produce unique hash values for different inputs.

However, over time, several vulnerabilities have been discovered in MD5 that make it
unsuitable for many security-sensitive applications:

1. Collision Vulnerabilities: Researchers have found ways to generate different inputs
that produce the same MD5 hash value. This undermines the collision resistance
property of a secure hash function. Such collisions can be exploited for malicious
purposes, including the creation of malicious files that match legitimate files' hash
values.

2. Vulnerable to Birthday Attacks: The relatively small size of MD5's hash output
makes it susceptible to birthday attacks. These attacks exploit the probability of
finding two distinct inputs that produce the same hash value due to the birthday
paradox.

3. Insecure for Cryptographic Use: The vulnerabilities in MD5 have rendered it
insecure for cryptographic applications like digital signatures and certificates. It's not
resistant to determined attackers with sufficient computational resources.

4. Weak Against Brute-Force Attacks: Advances in computing power have weakened
MD5's resistance to brute-force attacks, where an attacker exhaustively tries all
possible inputs to find one that matches a given hash value.

5. Wide Adoption of Stronger Alternatives: Due to its vulnerabilities, MD5 is no
longer considered a secure choice for cryptographic purposes. Stronger alternatives,
such as the SHA-2 family (including SHA-256, SHA-384, and SHA-512), have gained
widespread adoption.

Given its security weaknesses, MD5 is no longer recommended for any security-critical
applications. For tasks like checksums, where security is not a primary concern, MD5 might
still be used. However, for applications involving data integrity, digital signatures, password
storage, and other security-sensitive tasks, it's strongly advised to use more secure hash
functions like SHA-256 or SHA-3.

Step 1: Append Padding Bits

● Bits are appended to the original input to make it compatible with the hash function.
● Total bits must always be 64 bits short of any multiple of 512.
● The first bit added is ‘1’ and the rest are ‘0’.

Step 2: Append Padding Length

● The length of the original message is appended to the result from step 1.
● The length is expressed as a 64-bit value.
● The resulting string will now be a multiple of 512 bits.
● Used to increase the complexity of the function.

Step 3: Initialize MD Buffer

● The entire message is broken down into blocks of 512 bits each.
● 4 buffers of 32 bits each are used.
● They are named A, B, C and D.
● For the first iteration, the buffers hold fixed hexadecimal values.

A = 01 23 45 67    B = 89 ab cd ef

C = fe dc ba 98    D = 76 54 32 10

Step 4: Process Each 512-bit Block

● Each block is broken into 16 sub-blocks of 32 bits each.
● There are 4 rounds of operations, each of them utilizing the 16 sub-blocks, the 4 buffers
and other constants.
● The constant value is an array of 64 elements, with 16 elements being used every
round.
● Sub-blocks: M[0], M[1], M[2], ..., M[15] (32 bits each)
● Constant array: K[1], K[2], ..., K[64] (32 bits each)
● K[i + 1] = floor(abs(sin(i + 1)) × 2^32), for i = 0 to 63

Non-Linear Process Function

A different function is used for each round.
Used to increase the randomness of the hash as an upgrade over MD4.

Round 1: F(B,C,D) = (B AND C) OR ((NOT B) AND D)
Round 2: G(B,C,D) = (B AND D) OR (C AND (NOT D))
Round 3: H(B,C,D) = B XOR C XOR D
Round 4: I(B,C,D) = C XOR (B OR (NOT D))

SHA-1

Step 1: Append Padding Bits

● Bits are appended to the original input to make it compatible with the hash function.
● Total bits must always be 64 bits short of any multiple of 512.
● The first bit added is ‘1’ and the rest are ‘0’.

Step 2: Append Padding Length

● The length of the original message is appended to the result from step 1.
● The length is expressed as a 64-bit value.
● The resulting string will now be a multiple of 512 bits.
● Used to increase the complexity of the function.

Step 3: Initialize Buffer

● The entire message is broken down into blocks of 512 bits each.
● 5 buffers of 32 bits each are used.
● They are named A, B, C, D and E.
● For the first iteration, the buffers hold fixed hexadecimal values.

A = 01 23 45 67    B = 89 ab cd ef

C = fe dc ba 98    D = 76 54 32 10

E = c3 d2 e1 f0

Step 4: Process Each 512-bit Block

● Each block is broken into 16 sub-blocks of 32 bits each.
● There are 80 rounds of operations (20 × 4 rounds), each of them utilizing the 16
sub-blocks, the 5 buffers and other constants.
● The constant value is an array of 64 elements, with 16 elements being used every
round.

Round 1: F(B,C,D) = (B AND C) OR ((NOT B) AND D)
Round 2: G(B,C,D) = (B XOR C XOR D)
Round 3: H(B,C,D) = (B AND C) OR (B AND D) OR (C AND D)
Round 4: I(B,C,D) = (B XOR C XOR D)

The Message Schedule (also known as the "Wt" array) is an essential part of the SHA-1
algorithm. It involves processing the input message in 512-bit blocks and generating
additional words to be used during each round of the compression function. The Message
Schedule helps introduce further complexity and ensures that changes in the input message
are effectively propagated throughout the hash computation. Here's an overview of the
Message Schedule algorithm used in SHA-1:

Breaking the Message into Blocks:

● The input message is divided into 512-bit blocks, similar to how it's done in other
hash functions.
● Each 512-bit block is further divided into 16 words, each consisting of 32 bits.

Generating Additional Words (Wt):

● W[t] = W[t-16] XOR W[t-14] XOR W[t-8] XOR W[t-3]

Integration with Round Constants:

● Each round of the SHA-1 algorithm uses a specific constant value (Kt) based on the
round number.
● The Kt values are added to the expanded message words (Wt) during each round's
computation.
Kt = 0x5A827999 (rounds 0-19)
Kt = 0x6ED9EBA1 (rounds 20-39)
Kt = 0x8F1BBCDC (rounds 40-59)
Kt = 0xCA62C1D6 (rounds 60-79)

SHA-2

SHA-2 (Secure Hash Algorithm 2) is a family of cryptographic hash functions that includes
several hash algorithms, each producing hash values with different bit lengths. These hash
functions are successors to the earlier SHA-1 and are designed to offer higher levels of
security and resistance to various cryptographic attacks. The SHA-2 family includes
algorithms such as SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and
SHA-512/256.

Here's a brief overview of some common members of the SHA-2 family:

1. SHA-224: Produces a 224-bit hash value. It's derived from SHA-256 and uses a different
initial hash value and truncation of the final hash.

2. SHA-256: Produces a 256-bit hash value. It's widely used for digital signatures, certificate
authorities, and data integrity verification.

3. SHA-384: Produces a 384-bit hash value. It's derived from SHA-512 and provides a
higher level of security due to its larger output size.

4. SHA-512: Produces a 512-bit hash value. It's used in a variety of security applications,
including password hashing and data integrity verification.

5. SHA-512/224: Produces a 224-bit hash value, derived from SHA-512. It's intended for use
in environments where a shorter hash length is acceptable but a high level of security is still
desired.

6. SHA-512/256: Produces a 256-bit hash value, also derived from SHA-512. Like
SHA-512/224, it offers a shorter hash length while maintaining a good level of security.

SHA-2 algorithms use a similar structure to the earlier SHA-1 but with larger state sizes and
more complex operations. They're designed to be highly secure and resistant to common
cryptographic attacks. SHA-2 has been widely adopted and is considered a more secure
option for various cryptographic applications compared to its predecessor, SHA-1. However,
with the advancement of technology, the industry has been gradually transitioning to even
more secure hash functions like SHA-3.

SHA-256

Step 1: Append Padding Bits

● Bits are appended to the original input to make it compatible with the hash function.
● Total bits must always be 64 bits short of any multiple of 512.
● The first bit added is ‘1’ and the rest are ‘0’.

Step 2: Append Padding Length

● The length of the original message is appended to the result from step 1.
● The length is expressed as a 64-bit value.
● The resulting string will now be a multiple of 512 bits.
● Used to increase the complexity of the function.

Step 3: Initialize Buffer

● The entire message is broken down into blocks of 512 bits each.
● 8 buffers, namely A, B, C, D, E, F, G and H, are used.
● For the first iteration, the buffers hold fixed hexadecimal values.

Step 4: Process Each 512-bit Block

● Each block is broken into 16 sub-blocks of 32 bits each.
● There are 64 rounds of operations, each of them utilizing the 16 sub-blocks, the 8 buffers
and other constants.
● The constant value is an array of 64 elements.
