Message Authentication and Hash function 2 · SHA-512 | Preprocessing 2. Parsing the Padded Message...
Transcript of Message Authentication and Hash function 2 · SHA-512 | Preprocessing 2. Parsing the Padded Message...
Message Authentication and Hash function 2
Concept and Example
1 IT352 | Network Security
|Najwa AlGhamdi
SHA : Secure Hash Algorithm
• Four secure hash algorithms, SHA-11, SHA-256, SHA-384, and SHA-512.
• All four of the algorithms are iterative, one-way hash functions that can process a message to produce a message digest.
• This property is useful in the generation and verification of 1. Digital signatures
2. Message authentication codes
3. random numbers (bits).
IT352 | Network Security |Najwa AlGhamdi
2
SHA 512
• The most widely used hash function • Input max size is 2128 • Output size is 512 bit digest. • The input is processed in1024 bit blocks. • SHA algorithm described into two steps 1. Preprocessing
– Padding the message, M. – Parsing the padded message into message blocks – Setting the initial hash value, H(0)
2. Hash computation – It generates a message schedule from the
padded message. – uses that schedule, along with functions,
constants, and word operations to iteratively generate a series of hash values
• The final hash value generated by the hash computation is used to determine the message digest.
IT352 | Network Security
|Najwa AlGhamdi 3
SHA-512 | Preprocessing
1. Padding the Message • The message, M, shall be padded
before hash computation begins. • The purpose of this padding is to
ensure that the padded message 1024 bits.
• If the length of the message M, in bits, is l bits the – Append the bit “1” to the end of the
message – followed by k zero bits, where k is the
smallest non-negative solution to the equation
• l +1+ k = 896(mod1024)
IT352 | Network Security |Najwa AlGhamdi
4
SHA-512 | Preprocessing
1. Padding the Message
Example:
• For example, the (8-bit ASCII) message “abc” has length
• l=8×3 = 24, so the message is padded with a one bit, then 896 - (24 + 1) = 871 zero bits
• and then the message length to become the 1024-bit padded message.
• The length of the padded message should now be a multiple of 1024 bits.
IT352 | Network Security |Najwa AlGhamdi
5
SHA-512 | Preprocessing
2. Parsing the Padded Message
• After a message has been padded, it must be parsed into N m-bit blocks before the hash computation can begin.
• the padded message is parsed into N 1024-bit blocks, M(1), M(2),…,M(N).
• 1024 bits of the input block may be expressed as sixteen 16 words of size 64 bits (W0—W15).
3. Setting the Initial Hash Value (H(0))
• Before hash computation begins for each of the secure hash algorithms, the initial hash value, H(0), must be set.
IT352 | Network Security |Najwa AlGhamdi
6
SHA-512 | Preprocessing
3. Setting the Initial Hash Value (H(0))
• the initial hash value, H(0), shall consist of the following eight 64-bit words, in hex
• These words were obtained by taking the first sixty-four bits of the fractional parts of the square roots of the first eight prime numbers.
IT352 | Network Security |Najwa AlGhamdi
7
SHA-512 | Hash Computing
.
IT352 | Network Security |Najwa AlGhamdi
8
SHA-512 | Hash Computing
IT352 | Network Security |Najwa AlGhamdi
9
2. Initialize these values
1. Prepare the message
schedule, {Wt}
3. Compute intermediate values of a,b,c,d,e,f,g,h using constant K
SHA-512 | Hash Computing
IT352 | Network Security |Najwa AlGhamdi
10
4. Compute the ith intermediate hash value H(i):
SHA-512 | Hash Computing
• After all N 1024 bit block have been processed , the output from the Nth stage is the 512 bit message digest.
IT352 | Network Security |Najwa AlGhamdi
11
HMAC
• There has been increased interest in developing MAC derived from hash code such as SHA.
– Hash function execution are faster than encryption function.
– Library code for hash function is wieldy used.
• However , Hash function like SHA cannot be used as MAC . Why?
IT352 | Network Security |Najwa AlGhamdi
12
HMAC
• HMAC : Incorporating a secrete key in a hash function.
• HMAC has advantages over SHA
– More secure, because the embedded hash function has the strength of cryptography.
IT352 | Network Security |Najwa AlGhamdi
13
HMAC Algorithm
• Variables 1. H= embedded hash
function (SHA) 2. M = Message. 3. Yi = ith block of M 4. L= number of blocks
in M 5. b= number of bits in
block 6. n= length of hash
code. 7. K= secret key. 8. K+= K padded with 0s
so that the result is b bit in the length .
9. Ipad = 00110110 repeated b/8 times
10. Opad = 01011100 repeated b/8 times
IT352 | Network Security |Najwa AlGhamdi
14
HMAC Algorithm
1. Append zeros to the left end of K to create a b-bit string K+.
2. XOR K+ With ipad to produce the b-bit block Si
3. Append M to Si.
4. Apply H to the stream generated in the step 3
5. XOR K+ with opad to produce the b-bit block So.
6. Append the hash result from step 4 to So.
7. Apply H to the stream generated in step6 and output the result.
IT352 | Network Security
|Najwa AlGhamdi 15
HMAC Algorithm
So HMAC can be expressed as
HMAC (K,M) =
H[ (K+ xor opad) ||
H [(K+ xor ipad) ||M] ]
IT352 | Network Security |Najwa AlGhamdi
16