Scribd
Upload
36 views

Exploring Hash-Based Cryptography 2

Hash-based cryptography relies on hash functions to achieve security objectives like data integrity, digital signatures, password storage, blockchain security, and key derivation. A hash function takes input data and converts it to a fixed-length output hash value. Hash functions have properties like determinism, quick computation, collision resistance, and difficulty in guessing inputs from outputs.

Uploaded by

abidhasan8426
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
36 views

Exploring Hash-Based Cryptography 2

Hash-based cryptography relies on hash functions to achieve security objectives like data integrity, digital signatures, password storage, blockchain security, and key derivation. A hash function takes input data and converts it to a fixed-length output hash value. Hash functions have properties like determinism, quick computation, collision resistance, and difficulty in guessing inputs from outputs.

Uploaded by

abidhasan8426
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

Exploring Hash-Based

Cryptography

Prepared by Abid Hasan


Computer Engineering
Al Farabi Kazakh National University
What is Hash-Based Cryptography?
• Hash-based cryptography was first developed by Leslie Lamport and Ralph Merkle in the late
1970s. Hash-based cryptography creates digital signature algorithms whose security is
mathematically based on the security of a selected cryptographic hash function.
• A hash function is a unique identifier for any given piece of content. It’s also a process that takes
plaintext data of any size and converts it into a unique ciphertext of a specific length.
• Hash-based cryptography relies on hash functions to achieve various security objectives.
• Hash functions take an input and produce a fixed-size string of characters, known as a hash value.
Properties of Hash Functions

• They are deterministic, meaning that the same message always results in the same hash.
• They are quick to compute the hash value for any given message.
• They are collision-free, meaning that no two input hashes should map to the same output hash.
• They are hidden, meaning that it should be difficult to guess the input value for a hash function
from its output.
• They are puzzle-friendly, meaning that it should be difficult to select an input that provides a pre-
defined output.
Applications of Hash-Based Cryptography

• Data Integrity: Verifying data hasn't been altered using hash values.
• Digital Signatures: Creating and verifying signatures for authenticity and integrity.
• Password Storage: Securely storing passwords without exposing them.
• Blockchain: Securing transactions and creating an immutable ledger.
• Key Derivation: Generating cryptographic keys from passwords or secret values.
Data Integrity :
• Hash functions are used to ensure data integrity by generating hash values for data.
• Verifying the integrity of files / documents / messages. E.g. a SHA256 checksum may confirm
that certain file is original (not modified after its checksum was calculated).

• The above screenshot demonstrates how the SHA256 checksums ensure the integrity of the
OpenSSL files at the official Web site of OpenSSL.
Digital Signature:

• Hash functions play a vital role in digital signature schemes.


• The message is hashed and then encrypted with the sender's private key to create a signature.
• Recipients can verify the signature using the sender's public key
Password Storage:
• Hash functions are used to store passwords securely.
• Instead of storing plaintext passwords, systems store hashed representations.
• During authentication, the provided password is hashed and compared to the stored hash.

• The above example comes from the /etc/shadow file in a modern Linux system. The above passwords are
stored as multiple-round SHA-512 hashes with salt.
Blockchain:
• Hash functions form the backbone of blockchain technology.
• Each block contains a hash of the previous block, forming a chain.
• Any alteration to a block would change its hash, alerting the network to tampering attempts.

• Encryption: Process of converting plaintext to a ciphertext (random sequence).


• Decryption: Conversion of ciphertext to plain text; inverse of encryption.
• Cipher: This is the cryptographic algorithm that was used in encryption.
Key Derivation:
• Hash functions are utilized in key derivation functions.
• They generate cryptographic keys from passwords or seeds.
• This process is essential for secure key management.
• Key derivation functions are also used in applications to derive keys from secret passwords or
passphrases, which typically do not have the desired properties to be used directly as cryptographic
keys. In such applications, it is generally recommended that the key derivation function be made
deliberately slow so as to frustrate brute-force attack or dictionary attack on the password or
passphrase input value.

• Such use may be expressed as DK = KDF(key, salt, iterations), where DK is the derived key, KDF
is the key derivation function, key is the original key or password, salt is a random number which
acts as cryptographic salt, and iterations refers to the number of iterations of a sub-function. The
derived key is used instead of the original key or password as the key to the system.

You might also like