Don't use plagiarized sources. Get Your Custom Essay on
Research Report on Cryptographic Hash Functions
Just from $13/Page
RESEARCH REPORT
ON
CRYPTOGRAPHIC HASH FUNCTIONS
This report presents various cryptographic hash function available till date and briefly describes their algorithms, good points, bad points. Discussed hash functions are md5, sha-1,sha-3, blake2, and tiger. Cryptographic hash functions are widely used in today’s information technology industry. Major breakthrough are been developed and some are in developing stage to counterattack the collision attacks. We are going to select one out of the above-mentioned hash function suitable for a data-oriented company.
ABSTRACT:
Cryptographic hash function has become an important part in many applications. World of cryptocurrency relies heavily on these cryptographic hash functions. Other uses are digital signature, verifying unique or duplicate records, also helpful in data corruption. In layman, it takes an input, process it and produces a digest which is fixed size alphanumeric string, not understandable by human being. There are some old and new versions of cryptographic hash functions available.MD5 AND SHA1 are older ones and SHA3, BLAKE2, TIGER is some of the newer versions. In this report we are going to discuss these hash function, depending upon their characteristics, vulnerabilities and strengths, one of them can be decided to use for a data-oriented company. Basically, the older one’s MD-5 hashing algorithm is still generally utilized however, cryptographically defective as it can infer collision. MD-5 is broken due to collision, however not in respect of preimages or second preimages. The primary attack on MD-5 were done in 1996, this attack was done on the compression of MD-5 not on MD-5 itself. Hypothetical attack was created in year 2004. But in actual the attacks done on MD-5 are way too slow to decrease its value. SHA-1 hashing algorithm is cryptographically defective but the properties which we need in password hashing algorithm are still utilized. It indirectly means whatever “password hashing algorithm” which are built according to the SHA-1 are secure. So, firms which are using this algorithm feel secure finds no reason to change to something new. SHA3 (keccak) newer algorithm defeated other new algorithm Blake in a competition hosted by national institute of standards and technology, reason being not designed specifically for ASIC mining. The newer versions are probably good and will be briefed in the upcoming paragraphs. Depending upon my research, I would suggest using SHA3 for the data-oriented company.
INTRODUCTION:
CRYPTOGRAPHIC HASH FUNCTIONS
Cryptographic hash functions are fundamental building blocks that are used within many different cryptographic algorithms and protocols. There are a number of crucial applications in the field of information security. So, some of the common algorithms that are known to be a cryptographic hash function include SHA-1, SHA-3, BLAKE2, TIGER, MD5 which is probably one of the most common one. MD5 also have some predecessors namely MD4. There’s also a successor to MD5 known as MD6. But basically, MD5 is among the more popular ones.
Basically, cryptographic hash function is a function which changes the input to an output which is hard to understand. It changes the input to the fixed size alphanumeric string. And the output is called the string value, digital fingerprints, digest, message or checksum.
There are three main characteristics of hash function stated down below:
For a given input, it is very easy to modify it through hash function.
For the generated output, it is very difficult to calculate an alphanumeric string.
For two slightly different message, their hash will be totally different.
Input of any length can be fed to the hash function and it will produce alphanumeric text of fixed length which acts as a signature for the provided input. Thereafter, the person who gets the message digest doesn’t know the real message, however the person who originally knew the message can only tell the digest is made from the same message or not.
A cryptographic hash function ought to be as random as could reasonably be expected, while it is as yet deterministic and calculatable effectively. From a cryptographic perspective, a cryptographic hash work is considered ” uncertain” if below mentioned points are measurable:
1. Find a message (already not seen) that relates to a given hash value.
2. Find ” collision ” that have a similar hash value for two unique messages.
The above two methods can be used by the attacker to alter the original message with an authorized message. Preferably, two unique messages whose digests (‘ hash value) are comparable ought to be not found. Obviously, the attacker learns something like one snippet of data, the digest itself, which enables the attacker to perceive whether a similar message occurred. MD5 and SHA-1 are the two most normally utilized hash functions for various standards and applications. Security defects are appearing, there could be a conceivable scientific shortcoming, and a more grounded hash functions is recommended. In 2007, the National Institute of Standards and Technology gave a challenge to work on hash called SHA-3, outcome were really phenomenal, lot of algorithms are available today with better functionality.
1.1 USES:
Hash function is used for number of applications, not only for the cryptography. It also includes practical applications such as authentication, digital signature, message integrity check, cryptocurrency, data corruption and various other application.
MD5 HASH FUNCTION
MD5 is one of the generally utilized hashing algorithm created by Ronald Rivest in 1991. MD5 is a successor of MD4. MD-5 is broken due to crashes, yet not in respect of pre-image or second pre-image. It produces 128 bits, a settled length hash value. In 1996 attacks on MD-5 were distributed.
2.1 MD5 ALGORITHM:
The following procedure shows the working of MD5 algorithm:
Generate message digest.
Append message digest to plain text.
Send to receiver.
Receiver will again generate message digest.
Generated message digest and appended message digest 4 & 1 will be compared.
If both message digest are same means, there is no modification done during the transmission. Plain text is processed in 512 bit & blocks. If the length is less than 512 some padding bits are to be appended.
Following shows the process for hashing:
Append padding bits.
Append 64-bit representation of plain text.
Now plain text length = multiples of 512 bits
Initialize the MD buffer (use to store the o/p of each buffer is of size 32 bits)
Output of message digest = 128 bits
Buffer required = 4 buffers (A, B, C, D).
Process each of 512 bits.
Output (message digest in buffers).
2.2 EXPLANATION OF ABOVE 5 STEPS:
Consider 4 buffers. Each block is processed in rounds. After completion of 4th round, addition modules to the o/p of buffers is applied. 1-16 constants will be used in first round, which means, this round consists of 16 steps. Every round consists of 16 steps, each step is going to use single one constant. So, 64 constants steps will be used. 1 step is equal to some part of plain text plus 16 constants and a logical function. At the end initial values of buffers will be added to the fourth round so that output will be message digest. And this output will act as an input for the second block.
2.3 GOOD POINTS OF MD5
It provides fast computation.
Latest one is collision resistance.
Being old, it is still in widespread use
It provides a one-way hash
2.4 BAD POINTS OF MD5
Has known for security flaws and vulnerabilities
Works really well but is less secure than the SHA-1 algorithm
SHA-1 HASH FUNCTION
SHA-1 was created by the U.S. Government’s Capstone venture. SHA-1 creates a message digest dependent on standards like those utilized by Ronald L. Rivest of MIT in the plan of the MD2, MD4 and MD5 message process calculations, yet produces a bigger hash value (160 bits versus 128 bits).
SHA-1 is regularly used to check that a file has been unaltered. This is finished by creating a checksum before the record has been transmitted, and after that again it achieves its goal. The transmitted file can be viewed as original only if the two checksums are same. SHA-1 is one of the four algorithms in the Secure Hash Algorithm (SHA) family. Most were produced by the US National Security Agency (NSA) and distributed by the National Institute of Standards and Technology (NIST).
SHA-0 has a 160-bits message process (hash value) size and was the basic version of this calculation. SHA-0 hash value are 40 digits in length. It was distributed under the name “SHA” in 1993 yet wasn’t utilized in numerous applications since it was immediately replaced with SHA-1 in 1995 because of a security flaw.
3.1 HOW IT WORKS:
One real world application where SHA-1 might be utilized is when a person uses secret password into a site’s login page. Despite the fact that it happens out of sight without one’s knowledge, it might be the technique a site uses to safely confirm that the secret password is genuine. In this, suppose one is attempting to login to a site he/she regularly visit. Each time the site asks to sign in, which require username and secret password.
Get Help With Your Essay
If you need assistance with writing your essay, our professional essay writing service is here to help!
Essay Writing Service
In the example, the site utilizes the SHA-1 cryptographic hash function, it implies the secret password is transformed into a checksum after entering it. So, this checksum is then compared with the checksum that was initially stored onto the website with the current password, regardless of whether one haven’t changed the secret password since he/she joined. If the two checksum matches, access is granted; if the checksum doesn’t match with each other than password with incorrect message is displayed.
Another example where the SHA-1 hash function might be utilized is for document verification. A few sites will give the SHA-1 checksum of the document on the download page so when the document is downloaded, one can check the checksum to guarantee that the downloaded document is equivalent to the one he/she planned to download. But where is the genuine use of this kind of encryption.
Let us consider a situation where we know the SHA-1 checksum of a document from the designer’s site, yet we need to download a similar form from an alternate site. We could then produce the SHA-1 checksum for the download and compare it. In the event that the two are unique, it not just means that the document’s content are not identifiable but rather that there could be secret malware in the document, the information could be corrupted and can cause harm to the PC documents, the record is nothing identified with the genuine record, and so forth.
Nonetheless, it could simply mean that one file may be an older version of the program than the other since even that little change will produce a different checksum value.
3.2 GOOD POINTS OF SHA-1
Longer hash value compared with MD5
Collision resistant
Is in widespread use
It provides a one-way hash
BAD POINTS OF SHA-1
Slower computation comparing MD5
Known security vulnerabilities
MAJOR DIFFERENCES IN MD5 AND SHA1
MD5
SHA-1
Came to existence in year 1992.
Came to existence in year 1995.
Its length is 128 bits.
Its length is 160 bits.
It is much faster than SHA-1.
It is slower than the MD5
It has 64 iteration.
It has 80 iteration.
Buffer space allocated is 128 bits.
Buffer space allocated is 160 bits.
This hash function can be easily attacked by the cryptanalytics attacks.
This hash function cannot be easily attacked by the cryptanalytics attacks.
It has 16 Rounds.
It has 20 Rounds.
It is less secure.
It is more secure.
SHA-3 HASH FUNCTION:
SHA-3 (Secure Hash Algorithm 3) is the most recent member from the Secure Hash Algorithm group, designed by NIST on August 5, 2015. Although part of a similar algorithm, SHA-3 is unique in relation to the MD5-like structure of SHA-1 and SHA-2. SHA-3 is a subset of the more extensive cryptographic family Keccak planned by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. Keccak’s creators have proposed extra uses for the function, not (yet) institutionalized by NIST, a confirmed encryption framework, a “tree” hashing plan for speedy hashing on certain architectures, AEAD ciphers Keyak and Ketje.
Keccak depends on a novel methodology called sponge construction. Sponge construction depends on a wide arbitrary function or irregular permutation, and permits input any quantity of information, and yielding any quantity of information, while going about as a pseudorandom function with respect to every single previous info. This prompt gives adaptability. NIST does not at present intend to pull back SHA-2 or expel it from the modified Secure Hash Standard. The motivation behind SHA-3 is that it tends to be straightforwardly substituted for SHA-2 in current applications if fundamental, and to essentially enhance the power of NIST’s general hash calculation toolkit.The designer of the Keccak algorithm and the SHA-3 function recommend utilizing the quicker function KangarooTwelve with balanced parameters and another tree hashing mode without additional overhead for little message sizes.
5.1 DESIGN:
SHA-3 utilizes the sponge construction, in which information is “absorbed” into the sponge, at that point the outcome is “squeezed” out. In the absorbing stage, message blocks are XORed into a subset of the state, which is then changed overall, utilizing a permutation function f. In the “squeezing” stage, O/P blocks are perused from a similar subset of the state, exchanged with the state change function f. The size of the state is composed and read and is known as the “rate” (meant r), and the part which is untouched is known as “limit” (signified c). The limit decides the security of the plan. The most extreme security level is a large portion of the capacity.
5.2 GOOD POINTS OF SHA-3:
Fast in hardware
Massive security margin because of high rounds.
5.3 BAD POINTS OF SHA-3:
Slow in software
Because of its speed attacker can try on lots of software even if salt is applied.
5.4 EXAMPLES OF SHA-3 VARIANTS:
SHA3-256(“”)
3338be694f50c5f338814986cdf0686453a888b84f424d792af4b9202398f392
SHA3-384(“”)
0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004
SHA3-512(“”)
a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26
Changing a single bit causes each bit in the output to change with 50% probability,
SHAKE128(“The quick brown fox jumps over the lazy dog”, 256)
f4202e3c5852f9182a0430fd8144f0a74b95e7417ecae17db0f8cfeed0e3e66e
SHAKE128(“The quick brown fox jumps over the lazy dof”, 256)
853f4538be0db9621a6cea659a06c1107b1f83f02b13d18297bd39d7411cf10c
BLAKE2 HASH FUNCTION:
The cryptographic hash function BLAKE2, an enhanced version of the SHA-3, finally BLAKE enhanced the speed in programming. An enhanced BLAKE2 comes with the following properties:
• Faster than MD5 on 64-bit Intel platforms
• 32% less RAM required than BLAKE
• Minimal padding, which is quicker and faster to implement.
• Direct help, with no overhead, of
Parallelism for very quick hashing on multicore or SIMD CPUs
Tree hashing for update or update of huge file
Prefix-MAC for validation that is less complex and quicker than HMAC
Personalization for characterizing a different hash function for every application
6.1 DESCRIPTION OF BLAKE2
BLAKE2 comes in two flavors:
BLAKE2b (or just BLAKE2) is made for 64-bit platforms—including NEON-empowered ARMs—and creates digests of any size somewhere in the range of 1 and 64 bytes.
BLAKE2s is made for 8-to 32-bit stages and creates digests of any size somewhere in the range of 1 and 32 bytes.
Both are accepted to be exceedingly secure and have great performance on any platform, also on any software or hardware. Both are compact to any CPU, but still can be as fast as when utilized on the CPU estimate for which it is upgraded; for instance, on a Tegra 2 (32-bit ARMv7-based SoC) BLAKE2s is relied upon to be about twice as quick as BLAKE2b, though on an AMD A10-5800K (64-bit, Piledriver microarchitecture), BLAKE2b is relied upon to be more than 1.5 times as quick as BLAKE2s. Since BLAKE2 is fundamentally the same as BLAKE, and initially portray the alteration presented with BLAKE2.
6.2 ROUNDS:
BLAKE2b completes 12 rounds, and BLAKE2s completes 10 rounds, against 16 and 14 individually for BLAKE. In light of the security examination performed up until now, and on sensible expectation on future advancement, it is improbable that 16 and 14 rounds are seriously more secure than 12 and 10 rounds. Review that the initial BLAKE had 14 and 10 rounds, respectively, and that the later increment was inspired by the rapid speed of BLAKE. This change provides an immediate speed of about 25% and 29%, respectively, on large information. speed on short information likewise essentially improved.
6.3 PARAMETERS:
BLAKE2b
BLAKE2s
Bits in word
w = 64
w = 32
Rounds in F
r = 12
r = 10
Block bytes
bb = 128
bb = 64
Hash bytes
1 <= nn <= 64
1 <= nn <= 32
Key bytes
0 <= kk <= 64
0 <= kk <= 32
Input bytes
0 <= ll < 2**128
0 <= ll < 2**64
G Rotation
(R1, R2, R3, R4)
(R1, R2, R3, R4)
constants =
(32, 24, 16, 63)
(16, 12, 8, 7)
6.4 GOOD POINTS OF BLAKE2:
1.3 to 1.7 times faster in software
Best for 512-bit digest
Lower round count but still retain the expected security
Blake2b superior choice for password based key derivation function.
7. TIGER HASH FUNCTION:
This hash function was designed in 1995 by ROSS ANDERSON and ELI BIHAM particularly for 64-bit platforms. The tiger hash value consists of 192 bits. Other truncated versions of the tiger hash functions are Tiger/128 and Tiger/160. These versions can be used with protocols demanding a particular hash size. The digest size are as follows 192,128,160 and there are 24 rounds in this algorithm. Tiger 2 variant is a variant where a byte is first appended to the hexadecimal value of =0X80, just like in MD5, MD4 and 0X01. Otherwise the two variants are perfectly identical.
7.1 ALGORITHM:
Merkle-Damgard paradigm is used for producing Tiger hash function. Also known as one-way compression function. This operates on 64-bit value. It keeps 3 words of state and process 8 word of data. Combinations used for 24 rounds are:
XOR operation
Addition/Subtraction
S-box lookup
Intricate key scheduling algorithm.
This hash function works really fast in software but implementing it in hardware (physical devices) is often difficult.
USAGE:
It is often referred as TTH i.e. Tiger tree hash which is quite used in Merkle hash tree. Also used by direct connect, BitTorrent and Gnutella for great content.
EXAMPLE:
Tiger (“hello world”) =
4c8fbddae2e644f017b6f0e2f7b44c6285f06dd5d2c5b075
Tiger2(“hello world “) =
976abff8062a2e9dcea3a1ace966ed9c19cb85558b4976d8
COMPARISON TABLE:
8.1 TABLE-1: CYCLES PER BYTE ON INTEL CORE I5
Function
cycle per byte
Long msg
4096 B
64B
MD-5
5.0
5.2
13.1
SHA-1
4.7
4.8
13.1
SHA-3
8.2
8.5
26.0
BLAKE2
3.5
3.5
9.3
8.2 TABLE: CHARACTERISTICS COMPARISON
ALGORITHM
OUTPUT SIZE
INTERNAL STATE SIZE
BLOCK SIZE
LENGTH SIZE
ROUNDS
WORDS
BLAKE2B
512
1024
512
–
12
64
BLAKE2S
256
512
256
–
10
32
MD5
128
128
128
64
64
32
SHA-1
160
160
512
64
80
32
SHA-3
224/256/384/512
1600
1600-2*BITS
128
24
64
TIGER (2)-192/160/128
192/160/128
192
512
64
24
64
CONCLUSION
In this report, description of cryptographic hash function has been briefly explained. How different hash algorithm came in existence when attacks on such algorithms became common. Every algorithm has some good points and some bad points. Gathering all the bits and pieces I would suggest using BLAKE2 hash function for the data-oriented company. As it is an enhanced version of SHA3 hash function and considerably faster than MD5. It is also available for 32- and 64-bit platforms. It is considerably faster in both software and hardware. Also, it is resistant to collision attack which MD5 is not. Though there are some hypothetical claims that cryptographic hash functions lands into accidental collision. Hence it is just hypothetical only. Because in the long term it hasn’t happened to RIPEMD, SHA-256, TIGER. So, it cannot be said that BLAKE2 will have intentional collision as it is lot stronger than above mentioned hash functions.
REFERENCES:
Moffat, D. J., & Hughes, J. P. (2012). U.S. Patent No. 8,218,759. Washington, DC: U.S. Patent and Trademark Office.
Cryptographic hash function. (2019). Retrieved from https://simple.wikipedia.org/wiki/Cryptographic_hash_function.
Wang, X., & Yu, H. (2005, May). How to break MD5 and other hash functions. In Annual international conference on the theory and applications of cryptographic techniques (pp. 19-35). Springer, Berlin, Heidelberg.
Deepakumara, J., Heys, H. M., & Venkatesan, R. (2001). FPGA implementation of MD5 hash algorithm. In Electrical and Computer Engineering, 2001. Canadian Conference on (Vol. 2, pp. 919-924). IEEE.
Eastlake 3rd, D., & Jones, P. (2001). US secure hash algorithm 1 (SHA1) (No. RFC 3174).
Bauspiess, F., & Damm, F. (1992). Requirements for cryptographic hash functions. Computers & Security, 11(5), 427-437. doi: 10.1016/0167-4048(92)90007-e.
SHA-1. (2019). Retrieved from https://en.wikipedia.org/wiki/SHA-1
Sonh, S. (2012). A Study on Area-Efficient Design of Unified MD5 and HAS-160 Hash Algorithms. The Journal of The Korean Institute of Information and Communication Engineering, 16(5), 1015-1022. doi: 10.6109/jkiice.2012.16.5.1015
PHP | md5(), sha1(), hash () Functions – GeeksforGeeks. (2019). Retrieved from https://www.geeksforgeeks.org/php-md5-sha1-hash-functions/
Constantin, L. (2019). The SHA1 hash function is now completely unsafe. Retrieved from https://www.computerworld.com/article/3173616/security/the-sha1-hash-function-is-now-completely-unsafe.html
SHA-3. (2019). Retrieved from https://en.wikipedia.org/wiki/SHA-3
SHA3-256 Online. (2019). Retrieved from https://emn178.github.io/online-tools/sha3_256.html
Nakov, S. (2019). Hash Functions · Practical Cryptography for Developers. Retrieved from https://cryptobook.nakov.com/cryptographic-hash-functions.html
function? W. (2019). Why is SHA-3 a Sponge function? Retrieved from https://crypto.stackexchange.com/questions/56346/why-is-sha-3-a-sponge-function
What is the Difference Between SHA-1, SHA-2 and SHA-256? (2019). Retrieved from https://www.thesslstore.com/blog/difference-sha-1-sha-2-sha-256-hash-algorithms/
(2019). Retrieved from http://www.ijircce.com/upload/2015/sacaim/30_212.pdf
Newman, L., Lapowsky, I., Newman, L., Wright, R., Barrett, B., & Graff, G. (2019). A Super-Common Crypto Tool Turns Out to Be Super-Insecure. Retrieved from https://www.wired.com/2017/02/common-cryptographic-tool-turns-majorly-insecure/
Grimes, R. (2019). All you need to know about the move from SHA1 to SHA2 encryption. Retrieved from https://www.csoonline.com/article/2879073/encryption/all-you-need-to-know-about-the-move-from-sha1-to-sha2-encryption.html
BLAKE2. (2019). Retrieved from https://blake2.net/
BLAKE2? W., & Frame, R. (2019). What advantages does Keccak/SHA-3 have over BLAKE2? Retrieved from https://crypto.stackexchange.com/questions/31674/what-advantages-does-keccak-sha-3-have-over-blake2
BLAKE (hash function). (2019). Retrieved from https://en.wikipedia.org/wiki/BLAKE_(hash_function)
Aumasson, J. (2019). Why Replace SHA-1 with BLAKE2? Retrieved from https://research.kudelskisecurity.com/2017/03/06/why-replace-sha-1-with-blake2/
(2019). Retrieved from https://eprint.iacr.org/2013/322.pdf
Tiger (hash function). (2019). Retrieved from https://en.wikipedia.org/wiki/Tiger_(hash_function)
(2019). Retrieved from https://www.esat.kuleuven.be/cosic/publications/article-1138.pdf
(2019). Retrieved from https://www.researchgate.net/publication/221327094_Cryptanalysis_of_the_Tiger_Hash_Function
(2019). Retrieved from https://www.cl.cam.ac.uk/~rja14/Papers/tiger.pdf
