L02_HashMDMAC

The answer is no for some one way hash functions no

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: NO for some One-Way Hash Functions No encryption for message authentication Secret value never sent; can’t modify the message One-way Hash Function Requirements 1. 2. 3. wea 4. k 5. 6. H can be applied to a block of data of any size H produces a fixed length output one H(x) is relatively easy to compute way For any given code h, iit is computationally infeasible to find x t For such that H(x) = h H(x) For any given block x, iit is computationally infeasible to find y ≠ x t with H(y) = H(x) H(y) It is computationally infeasible to find any pair (x,y) such that It (x,y) H(x) = H(y) H(x) strong collision resistance birthday attack weak collision resistance How likely to have Hash output collisions ? Output: Input: Set of Messages of up to N-bit long, i.e. There are as many as n = 2N messages in this set H( ) Set of Message-digests of M-bit long, i.e.there are at most m= 2M digests in this set Since N >> M , (and therefore) n >> m, collisions are Since >> >> collisions inevitable no matter how secure the one-way function H( )...
View Full Document

Ask a homework question - tutors are online