crypto-slides-06-hashing.1x1

crypto-slides-06-hashing.1x1 - Hashing, One-Time...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Hashing, One-Time Signatures, and MACs c circlecopyrt Eli Biham - August 18, 2010 157 Hashing, One-Time Signatures, and MACs (6) Digital Signatures A signature ( î éú ) is • Writing the name of a person, in his own hands, as a confirmation. • Commitment. Distinguish between • Identification: Assures the identity ( é ). • Commitment: Assures the commitment ( ú éú ). c circlecopyrt Eli Biham - August 18, 2010 158 Hashing, One-Time Signatures, and MACs (6) † Digital Signatures (cont.) It is possible to have identification without commitment, and vice versa: • An anonymous letter has neither. • A company letter has an identifying title. • A check is a commitment, even if it has no identification. c circlecopyrt Eli Biham - August 18, 2010 159 Hashing, One-Time Signatures, and MACs (6) Digital Signatures (cont.) A Digital signature S ( M ) ( ú éú øñî éú ): 1. Computable by the signer for any message M . 2. Everybody (and the receiver in particular) can verify its originality. 3. It is impossible to forge a signature. 4. The signer cannot claim that a message he signed is forged. c circlecopyrt Eli Biham - August 18, 2010 160 Hashing, One-Time Signatures, and MACs (6) One Way Functions Informal Definition : A one way function ( ú éðëéö÷ ð ) Y = f ( X ) is a function which is efficient to calculate but difficult to invert: for a given Y it is difficult to find any X such that Y = f ( X ). Note: There is no relationship between a one way function and an invertible function. Example : Y = f ( X ) = AES X (0) is a one way function, if there is no suc- cessful attack on AES which finds the key X from the ciphertext Y . c circlecopyrt Eli Biham - August 18, 2010 161 Hashing, One-Time Signatures, and MACs (6) • Lamport and Diffie’s Signature Scheme Preparation : 1. A one way function Y = f ( X ) is selected. 2. Each user U chooses 2 n random values X ,X 1 ,...,X 2 n − 1 , and computes Y ,Y 1 ,...,Y 2 n − 1 by Y i = f ( X i ). 3. U publishes the vector Y = ( Y ,Y 1 ,...,Y 2 n − 1 ) in a public file under his name (i.e., in a newspaper, or in a public file maintained by a trusted center). 4. U publishes in advance as many vectors as the number of signatures he is expected to sign. c circlecopyrt Eli Biham - August 18, 2010 162 Hashing, One-Time Signatures, and MACs (6) Lamport and Diffie’s Signature Scheme (cont.) Signature generation : 1. A wants to sign an n-bit message M to B ( M = m m 1 ...m n − 1 ). 2. A chooses one of his unused vectors from the public file, and sends it to B. 3. B verifies the existence of the vector in the public file. 4. A and B mark the vector as used in the public file. 5. A computes the signature S = S S 1 ...S n − 1 by S i = X 2 i , if m i = 0; X 2 i +1 , if m i = 1 and sends the signature S to B....
View Full Document

Page1 / 42

crypto-slides-06-hashing.1x1 - Hashing, One-Time...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online