Professional Documents
Culture Documents
Week11 Authentication P2-SHA3 MACs
Week11 Authentication P2-SHA3 MACs
Motivations
Hash function
CRC
Text books
https://en.wikipedia.org/wiki/
5-2023 Secure_Hash_Algorithms
NT219–Cryptography Week 11: 4
SHA-1, SHA-2
Merkle-Damgard
Construction
)?
𝐸𝑋 =𝑀 𝑒𝑥 1∨|𝑀 𝑒𝑥 2|∨…
𝑀 𝑒𝑥 1
H ( 𝑀 )= H ¿
Compute without knowing the input
H ( 𝑀 ||𝑝𝑎𝑑𝑑𝑒𝑑|| EX ) =𝐻 ( 𝐸𝑋 ) ,
∗
where IV of
5-2023 NT219–Cryptography Week 11: 6
Length extension attack on SHA2
𝐾 , 𝐾
,
𝐾 𝐾
, ,
𝐻𝑁 𝑀 𝑒𝑥 1 𝑀 𝑒𝑥 2
)=
𝐸𝑋 =𝑀 𝑒𝑥 1∨|𝑀 𝑒𝑥 2|∨…
𝐻 𝑁 +1
5-2023 NT219–Cryptography Week 11: 7
SHA3 Standard
SHA-3 provides an alternative to SHA-2, and is drop-in compatible
with any system using SHA-2
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
𝑃0 𝑃1 … 𝑃 𝑁 −1
r (block size)
2d
=…
𝐴= ( 𝑎𝑖 , 𝑗 , 𝑘)5 × 5 ×𝑤
https://chemejon.io/sha-3-explained/
Squeeze:
Each round, the next r bits of message is XOR’ed into the first r bits of
the state, and a function f is applied to the state.
After message is consumed, output r bits of each round as the hash
output; continue applying f to get new states
SHA-3 uses 1600 bits for state size
tag
Collision
resistance
https://en.wikipedia.org/wiki/Message_authentication_code
5-2023 NT219–Cryptography Week 11: 21
Message Authentication Code
Login
• Provide to server?
• Locate the row using name
• Check
authenticate the user
5-2023 NT219–Cryptography Week 11: 28
HMAC Security
abc123 … … ….. …
abcd1234 … …. … …
….
Rainbow table
https://hashkiller.io/
5-2023 NT219–Cryptography Week 11: 30