CPIS 312 Lab 9 1 MAC amp HASH FUNCTION TRIGUI Mohamed Salim To know what hashing is for Practice how to implement MD cipher 2 Lab Objectives Cryptographic hash function is another type of cryptographic algorithm ID: 627652
Download Presentation The PPT/PDF document "Information and Computer Security" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Information and Computer Security CPIS 312 Lab 9
1
MAC & HASH FUNCTION
TRIGUI Mohamed SalimSlide2
To know what hashing is forPractice how to implement MD cipher
2Lab
ObjectivesSlide3
Cryptographic hash function is another type of cryptographic algorithm.A (one-way) hash function takes variable length input and produces a fixed length output called hash value. Also known as “message digest” or digest. The hash function ensures that if the information has changed, an entirely different output value will be produced.
What is a Hash FunctionSlide4
Hash Function maps any message of any length, to an element in a different set.2 different messages could map to the same value
Uses of hash functions are with digital signatures and for data integrity.
What is a Hash FunctionSlide5
Common hash algorithmsSlide6
Message digest algorithms take a message of arbitrary size and create a digest of fixed size.The algorithm takes the message and splits it into blocks of equal length (the block size of the algorithm)The last block is padded, with a total message length attached
Each block is sent through the function in order.After all blocks are processed, the fixed digest value is retrieved
Message
Block 0
Block 1
Block 2
…
H(x)
Digest Value
<2
64
Block n
Technical Definition of MDAsSlide7
7MAC is an algorithm that requires the use of a secret key.MAC takes a variable-length message and a secret key as input and produces an authentication code.
Typically, MAC are used between two parties, say Alice and Bob, that share a secret key
K in order to validate information transmitted between these parties.When Alice has a message to send to Bob, she calculates the MAC as a function of the message and the key:
MAC = C(K, M)
where M=input message, C=MAC function, K=shared secret key.
Message authentication code MACSlide8
8Message authentication code MACSlide9
Standardized secure hash function that uses an input message and secret to compute a message authentication Code (MAC).Algorithm characteristics: nonreversible, collision resistant, avalanche effect (slight change in the input will cause a significant change in the MAC output.
Highly secure and easy to implement Technical Definition of SHA-1Slide10
10Alice sends to Bob a document as well as a MAC. Bob can authenticate who sent the document by performing the same MAC on the document and comparing his MAC to the one that Alice sent. If they match, he knows that Alice sent the document.
diamond icon represents a comparison process
Message authentication code MACSlide11
11Java Package: javax.crypto Java Class : Mac
Methods: getInstance(), init
(), update(), doFinal().Algorithms: HMAC (Hashed MAC)
MAC in JAVASlide12
12Java package: java.security
Java class: MessageDigestMethods: getInstance(), reset(), update(), digest().Algorithms:
MD5, SHA, SHA-1MD in JAVASlide13
13MessageDigest Class: A MessageDigest object starts out initialized.
The data is processed through it using the update methods. Once all the data to be updated has been updated, one of the digest
methods should be called once to complete the hash computation. After digest has been called, the MessageDigest object is reset
to its initialized state.
Ex:
MessageDigest
test =
MessageDigest.getInstance
("SHA-1");
test.update(data1);
// data1 is a byte array that holds the original massage
byte[] msgDigest = test.digest();
test.reset();
test.update(data2);
....
MD in JAVASlide14
14Alternative classes for computing a message digest on a file:
DigestInputStream and DigestOutputStream
Java pakage: java.securityDigestInputStream class:
To complete the message digest computation, call one of
read
methods. Then call one of the
digest
methods on the associated message digest .
int
read()
: Reads a byte, and updates the message digest and then return an integer value of the byte that it read.
Ex:
FileInputStream
in = new
FileInputStream
("MD.txt");
MessageDigest
md
=
MessageDigest.getInstance
("MD5");
DigestInputStream
digestIn
= new
DigestInputStream
(in,
md);
MD in JAVASlide15
15Java pakage:
java.securityDigestOutputStreamTo complete the message digest computation, call one of the digest methods on the associated message digest after that call one of the
write methods. void write(byte[] b) : Updates the message digest using the specified array, and in any case writes the array to the output stream.
Ex:
MessageDigest
md
=
MessageDigest.getInstance
("MD5");
FileOutputStream
out = new
FileOutputStream
("MDout.txt");
DigestOutputStream
dout
= new
DigestOutputStream
(out,
md
);
MD in JAVA