03_hash - Hashes and Integrity Peter Sjdin psj@kth.se Based...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Hashes and Integrity Peter Sjödin psj@kth.se Based on material by Vitaly Shmatikov, Univ. of Texas, and by the previous course teachers
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Motivation: Integrity Software manufacturer wants to ensure that the executable file is received by users without modification. It sends out the file to users and publishes its hash in NY Times. The goal is integrity , not secrecy Idea: given goodFile and hash(goodFile), very hard to find badFile such that hash(goodFile)=hash(badFile) goodFile BigFirm™ User VIRUS badFile The Times hash(goodFile)
Background image of page 2
3 Integrity vs. Secrecy Integrity: attacker cannot tamper with message Encryption per se does not guarantee integrity – Intuition: attacker may able to modify message under encryption without learning what it is – This is recognized by industry standards (e.g., PKCS) • “RSA encryption is intended primarily to provide confidentiality… It is not intended to provide integrity” (from RSA Labs Bulletin) – Some encryption schemes provide secrecy AND integrity
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Motivation: Authentication Alice wants to make sure that nobody modifies message in transit Ensures both integrity and authentication (why?) Idea: given msg, very hard to compute hash(KEY,msg) without KEY Very easy with KEY msg, hash(KEY,msg) Alice Bob KEY KEY
Background image of page 4
5 Hash Functions: Main Idea bit strings of any length n-bit bit strings . . . . . x’ x’’ x y’ y hash function H H is a lossy compression function Collisions: H(x)=H(x’) for some inputs x, x’ Result of hashing should “look random” Intuition: half of digest bits are “1”; any bit in digest is “1” half the time Any two outputs should be uncorrelated – differ by half of the bits Cryptographic hash function needs a few properties… message “digest” message
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/16/2011 for the course ICT 2 taught by Professor 2 during the Spring '11 term at Kungliga Tekniska högskolan.

Page1 / 19

03_hash - Hashes and Integrity Peter Sjdin psj@kth.se Based...

This preview shows document pages 1 - 6. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online