# Lecture12 - CSE 484(Winter 2008 Applied Cryptography...

• Notes
• 6

This preview shows page 1 - 3 out of 6 pages.

Applied Cryptography Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials ... CSE 484 (Winter 2008) Goals for Today Symmetric Reminder: Midterm on Friday. (Closed book.) Contents up through the material for today Not as hard as last year’s midterm. Make sure you understand the core concepts so far in this course: – Threat modeling – Software security • Problems Defensive approaches – Symmetric cryptography Components, definitions, security properties, classic problems Which Property Do We Need? UNIX passwords stored as hash(password) • One-wayness: hard to recover password Integrity of software distribution • Weak collision resistance • But software images are not really random… maybe need full collision resistance Auction bidding • Alice wants to bid B, sends H(B), later reveals B • One-wayness: rival bidders should not recover B • Collision resistance: Alice should not be able to change her mind to bid B’ such that H(B)=H(B’) Common Hash Functions MD5 • 128-bit output • Designed by Ron Rivest, used very widely • Collision-resistance broken (summer of 2004) RIPEMD-160 • 160-bit variant of MD5 SHA-1 (Secure Hash Algorithm) • 160-bit output • US government (NIST) standard as of 1993-95 – Also the hash algorithm for Digital Signature Standard (DSS)

Subscribe to view the full document.

Basic Structure of SHA-1 (Skip) Against padding attacks Split message into 512-bit blocks Compression function • Applied to each 512-bit block and current 160-bit buffer • This is the heart of SHA-1 160-bit buffer (5 registers) initialized with magic values SHA-1 Compression Function (Skip) Current message block Current buffer (five 32-bit registers A,B,C,D,E) Buffer contains final hash value Very similar to a block cipher, with message itself used as the key for each round Four rounds , 20 steps in each Let’s look at each step in more detail… Fifth round adds the original buffer to the result of 4 rounds A E B C

{[ snackBarMessage ]}

###### "Before using Course Hero my grade was at 78%. By the end of the semester my grade was at 90%. I could not have done it without all the class material I found."
— Christopher R., University of Rhode Island '15, Course Hero Intern

### What students are saying

• As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

Kiran Temple University Fox School of Business ‘17, Course Hero Intern

• I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

Dana University of Pennsylvania ‘17, Course Hero Intern

• The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

Jill Tulane University ‘16, Course Hero Intern