Chapter 5: Hash

Functions++
“I'm sure [my memory] only works one way.” Alice remarked.
“I can't remember things before they happen.”
“It's a poor sort of memory that only works backwards,”
the Queen remarked.
“What sort of things do you remember best?" Alice ventured to ask.
“Oh, things that happened the week after next,"
the Queen replied in a careless tone.
 Lewis Carroll, Through the Looking Glass

Part 1  Cryptography
1
 Hash Function Motivation
• Suppose Alice signs M
• Alice sends M and S = [M]Alice to Bob
• Bob verifies that M = {S}Alice
• Can Alice just send S?
• If M is big, [M]Alice costly to compute & send
• Suppose instead, Alice signs h(M), where h(M) is a
much smaller “fingerprint” of M
• Alice sends M and S = [h(M)]Alice to Bob
• Bob verifies that h(M) = {S}Alice
Part 1  Cryptography
2
Hashing
Modification Detection Code (MDC)
Hash Function Motivation
• So, Alice signs h(M)
• That is, Alice computes S = [h(M)]Alice
• Alice then sends (M, S) to Bob
• Bob verifies that h(M) = {S}Alice
• What properties must h(M) satisfy?
• Suppose Trudy finds M’ so that h(M) = h(M’)
• Then Trudy can replace (M, S) with (M’, S)
• Does Bob detect this tampering?
• No, since h(M’) = h(M) = {S}Alice
Part 1  Cryptography
4
Crypto Hash Function
• Crypto hash function h(x) must provide
• Compression  output length is small
• Efficiency  h(x) easy to compute for any x
• One-way  given a value y it is infeasible to find an x
such that h(x) = y
• Weak collision resistance  given x and h(x),
infeasible to find y  x such that h(y) = h(x)
• Strong collision resistance  infeasible to find any x
and y, with x  y such that h(x) = h(y)
• Lots of collisions exist, but hard to find any
Part 1  Cryptography
5
Pre-Birthday Problem
• Suppose N people in a room
• How large must N be before the probability someone has same
birthday as me is  1/2 ?
• Solve: 1/2 = 1  (364/365)N for N
• We find N = 23

Part 1  Cryptography
6
Popular Crypto Hashes
• MD5  invented by Rivest (of course…)
• 128 bit output
• MD5 collisions easy to find, so it’s broken
• SHA-1  A U.S. government standard, inner
workings similar to MD5
• 160 bit output
• SHA-256, -512 – 256/512 bit output
• Many other hashes, but MD5 and SHA-1, -256 are
the most widely used
• Hashes work by hashing message in blocks

Part 1  Cryptography
7
Hash Uses
• Authentication (HMAC)
• Message integrity (HMAC)
• Message fingerprint
• Data corruption detection
• Digital signature efficiency
• Anything you can do with symmetric crypto
• Also, many, many clever/surprising uses…

Part 1  Cryptography
8
Online Bids
• Suppose Alice, Bob and Charlie are bidders
• Alice plans to bid A, Bob B and Charlie C
• They don’t trust that bids will stay secret
• A possible solution?
• Alice, Bob, Charlie submit hashes h(A), h(B), h(C)
• All hashes received and posted online
• Then bids A, B, and C submitted and revealed
• Hashes don’t reveal bids (one way)
• Can’t change bid after hash sent (collision)
• But there is a serious flaw here…

Part 1  Cryptography
9
Information Hiding

Part 1  Cryptography
10
Information Hiding
• Digital Watermarks
• protect copyright of the owner
• Example: Add “invisible” info to data
• Defense against music/software piracy
• Steganography
• “Secret” communication channel
• Similar to a covert channel (more later)
• Example: Hide data in an image file

Part 1  Cryptography
11
Watermark
• Add a “mark” to data
• Visibility (or not) of watermarks
• Invisible  Watermark is not obvious
• Visible  Such as TOP SECRET
• Strength (or not) of watermarks
• Robust  Readable even if attacked
• Fragile  Damaged if attacked

Part 1  Cryptography
12
Watermark Examples
• Add robust invisible mark to digital music
• If pirated music appears on Internet, can trace it back
to original source of the leak
• Add fragile invisible mark to audio file
• If watermark is unreadable, recipient knows that audio
has been tampered with (integrity)
• Combinations of several types are sometimes used
• E.g., visible plus robust invisible watermarks

Part 1  Cryptography
13
Watermark Example (1)
• Non-digital watermark: U.S. currency

 Image embedded in paper on rhs

o Hold bill to light to see embedded info
Part 1  Cryptography
14
Watermark Example (2)
• Add invisible watermark to photo
• Claim is that 1 inch2 contains enough info to reconstruct entire photo
• If photo is damaged, watermark can be used to reconstruct it!

Part 1  Cryptography
15
Steganography
• According to Herodotus (Greece 440 BC)
• Shaved slave’s head
• Wrote message on head
• Let hair grow back
• Send slave to deliver message
• Shave slave’s head to expose a message warning of
Persian invasion
• Historically, steganography used by military more
often than cryptography
Part 1  Cryptography
16
Images and
Steganography
• Images use 24 bits for color: RGB
• 8 bits for red, 8 for green, 8 for blue
• For example
• 0x7E 0x52 0x90 is this color
• 0xFE 0x52 0x90 is this color
• While
• 0xAB 0x33 0xF0 is this color
• 0xAB 0x33 0xF1 is this color
• Low-order bits don’t matter…
Part 1  Cryptography
17
Images and Stego
• Given an uncompressed image file…
• For example, BMP format
• …we can insert information into low-order RGB bits
• Since low-order RGB bits don’t matter, changes will
be “invisible” to human eye
• But, Computer program can “see” the bits

Part 1  Cryptography
18
Stego Example 1

• Left side: plain Alice image

• Right side: Alice with entire Alice in Wonderland
(pdf) “hidden” in the image
Part 1  Cryptography
19
Steganography
• Some formats (e.g., image files) are more difficult
than html for humans to read
• But easy for computer programs to read…
• Easy to hide info in unimportant bits
• Easy to damage info in unimportant bits
• To be robust, must use important bits
• But stored info must not damage data
• Collusion attacks are also a concern
• Robust steganography is tricky!

Part 1  Cryptography
20
Information Hiding:
The Bottom Line
• Not-so-easy to hide digital information
• “Obvious” approach is not robust
• Stirmark: tool to make most watermarks in images unreadable
without damaging the image
• Stego/watermarking are active research topics

• If information hiding is suspected

• Attacker may be able to make information/watermark unreadable
• Attacker may be able to read the information, given the original
document (image, audio, etc.)

Part 1  Cryptography 21