Scribd
Upload
2 views

TY5-51-EXP3

Uploaded by

vanshitaparab1475
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
2 views

TY5-51-EXP3

Uploaded by

vanshitaparab1475
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Mahavir Education Trust's

SHAH & ANCHOR KUTCHHI ENGINEERING COLLEGE


Chembur, Mumbai - 400 088
UG Program in Information Technology

Experiment No. – 3

Date of Performance: 26/07/24

Date of Submission: 31/07/24

Program Execution/
formation/ Timely
Viva Experiment Sign with
correction/ Submission
(03) Total (10) Date
ethical practices (01)
(06)
Experiment No 3

Aim: Cryptographic Hash Functions and Applications (HMAC).

Theory:

What is HMAC?
HMAC, or Hash-based Message Authentication Code, is a method that combines a cryptographic
hash function with a secret key to create a secure authentication code. It offers strong resistance
to cryptanalysis due to its dual use of hashing. By leveraging both hashing and message
authentication codes (MAC), HMAC enhances security compared to traditional authentication
codes. Defined in RFC 2104, HMAC is also a mandatory implementation in IP security
protocols. The FIPS 198 standard from NIST further reinforces the use of HMAC.
Objectives of HMAC:
● One-Way Functionality: HMAC is designed to be a one-way function, making it easy to
generate an output from an input but difficult to reverse.
● Collision Resistance: HMAC aims to be more resilient against collisions than standard
hash functions.
● Algorithm Flexibility: HMAC utilizes algorithms such as MD5 and SHA-1, with the
ability to replace embedded hash functions with stronger alternatives if necessary.
● Simplified Key Handling: HMAC strives to simplify the management of cryptographic
keys.
Steps for HMAC:
1. Understand SHA-1: Familiarize yourself with the workings of the SHA-1 hash function.
For simplicity, a dummy hash will be used in this experiment.
2. Select Plaintext: Choose a plaintext for which the HMAC tag will be computed by
clicking on the "Next Plaintext" button.
3. Initialization Vector (IV): For simplicity, set l=8l = 8l=8 (ensure l<length of plaintext4l <
\frac{\text{length of plaintext}}{4}l<4length of plaintext​). Select an IV of length lll by
clicking on the "Next IV" button.
4. Compute Ciphertext:
○ Use the inner padding (ipad) and outer padding (opad) as described in the
theoretical section to compute the ciphertext with the provided hash function.
○ Divide the plaintext mmm into kkk chunks of 8 bits. The kkk-th chunk may be
shorter than 8 bits, so pad it with zeros to ensure it is 8 bits long.
5. Compute z0z_0z0​: Calculate z0=IV∣∣(k⊕ipad)z_0 = \text{IV} || (k \oplus
\text{ipad})z0​=IV∣∣(k⊕ipad) manually, where ∣∣||∣∣ denotes concatenation, and enter
z0z_0z0​in the "Your text" field to obtain z1z_1z1​.
6. Compute Subsequent zzz Values: For each chunk, compute z1=z0∣∣m1z_1 = z_0 ||
m_1z1​=z0​∣∣m1​manually and enter z1z_1z1​to get z2z_2z2​. Repeat this until you
compute zk+1=zk∣∣Lz_{k+1} = z_k || Lzk+1​=zk​∣∣L, where L=∣m∣L = |m|L=∣m∣
(make LLL 8 bits by padding zeros on the left).
7. Compute ppp: Calculate p=IV∣∣(k⊕opad)p = \text{IV} || (k \oplus
\text{opad})p=IV∣∣(k⊕opad) manually and enter ppp to get qqq.
8. Compute Final Tag: Compute r=q∣∣zk+1r = q || z_{k+1}r=q∣∣zk+1​manually and enter
rrr to obtain the final HMAC tag ttt.
Notice: All intermediate values z0,z1,z2,…,zk,zk+1,p,rz_0, z_1, z_2, \ldots, z_k, z_{k+1}, p,
rz0​,z1​,z2​,…,zk​,zk+1​,p,r are of size 2l2l2l (16 bits in this case since l=8l = 8l=8).

Conclusion: This experiment offered insights into Hash-based Message Authentication Code
(HMAC), demonstrating its construction and functionality. We examined how HMAC employs
cryptographic hash functions and secret keys to convert plaintext into secure ciphertext. The
step-by-step process emphasized the significance of padding and iterative calculations in
producing a robust HMAC tag, underscoring its essential role in ensuring data integrity and
authenticity in cryptography.
Output:

You might also like