This preview shows page 1. Sign up to view the full content.
Unformatted text preview: NO
for some One-Way Hash Functions
No encryption for message authentication
Secret value never sent; can’t modify the message One-way Hash Function Requirements
5. 6. H can be applied to a block of data of any size
H produces a fixed length output
H(x) is relatively easy to compute
For any given code h, iit is computationally infeasible to find x
such that H(x) = h
For any given block x, iit is computationally infeasible to find y ≠ x
with H(y) = H(x)
It is computationally infeasible to find any pair (x,y) such that
H(x) = H(y)
H(x) strong collision
birthday attack weak collision
resistance How likely to have Hash output collisions ?
Set of Messages of
up to N-bit long, i.e.
There are as many as
n = 2N messages in this set H( ) Set of Message-digests of
M-bit long, i.e.there are
at most m= 2M digests
in this set Since N >> M , (and therefore) n >> m, collisions are
inevitable no matter how secure the one-way function H( )...
View Full Document
- Fall '13