1.In what ways can a hash value be secured so as to provide message authentication? Task: Answer the question above. Follow APA guidelines. Must use at least two references and citations
In what ways can a hash value be secured so as to provide message authentication
Answer preview to in what ways can a hash value be secured so as to provide message authentication
APA
321 words
Get instant access to the full solution from yourhomeworksolutions by clicking the purchase button below
Official:
"Property [v] above defines weak collision resistance. Property [vi] defines strong collision resistance."
- Second preimage resistance [weak collision resistance]: it is computationally infeasible to find any second input which has the same output as that of a specified input, i.e., given x, it is difficult to find a second preimage x′ ≠ x such that h[x] = h[x′].
- [Strong] collision resistance: It is computationally infeasible to find any pair [x, y] such that H[x] = H[y], i.e. district inputs.
With preimage attack, you already know one X. With collision resistance, you have more freedom, for you need to find any pair that matches.
Brute-force preimage and second preimage attacks require 2n effort, while a collision attack only requires 2n/2 effort [i.e., due to the birthday paradox] for a hash code of length n. This is because the more variations there, i.e. the more people there are in a room, the higher the changes that two people will have the same birthday.
Homework Help
Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 2 out of 3 pages.
1.In what ways can a hash value be secured so as to provide message authentication?
Get answer to your question and much more
Upload your study docs or become a
Course Hero member to access this document
Upload your study docs or become a
Course Hero member to access this document
End of preview. Want to read all 3 pages?
Upload your study docs or become a
Course Hero member to access this document
Tags
Cryptography, hash function, Cryptographic hash function, hash code
Newly uploaded documents
Newly uploaded documents
Hash-based Message Authentication Code [HMAC] is a message authentication code that uses a cryptographic key in conjunction with a hash function.
Hash-based message authentication code [HMAC] provides the server and the client each with a private key that is known only to that specific server and that specific client. The client creates a unique HMAC, or hash, per request to the server by hashing the request data with the private keys and sending it as part of a request. What makes HMAC more secure than Message Authentication Code [MAC] is that the key and the message are hashed in separate steps.
HMAC[key, msg] = H[mod1[key] || H[mod2[key] || msg]]
This ensures the process is not susceptible to extension attacks that add to the message and can cause elements of the key to be leaked as successive MACs are created.
Once the server receives the request and regenerates its own unique HMAC, it compares the two HMACs. If they're equal, the client is trusted and the request is executed. This process is often called a secret handshake.
This was last updated in November 2010
Next Steps
The spate of credit card breaches of major retailers demand more advanced cryptography standards to protect credit card holders. The Payment Card Industry Data Security Standard [PCI DSS] requires merchants to encrypt specific card holder information. Understanding the choice of encryption methods such as hashing, public-private key and others is a high priority towards ensuring retailers don’t get breached. Learn more about authentication, and get started by reading a primer on multifactor authentication in the enterprise. Then read our comparison of MFA tools to get the inside scoop on the product landscape.
Continue Reading About Hash-based Message Authentication Code [HMAC]
- Using symmetric key encryption algorithm for hash function cryptography
- Using MAC and HMAC for hash function encryption
- MD5 security: Migrating to SHA 1 hash algorithm
- Read about how APIs are authenticated so only authorized users can perform actions
Dig Deeper on Identity and access management
-
rainbow table
By: Alexander Gillis
-
password salting
By: Rahul Awati
-
MD5
By: Mary Shacklett
-
hashing
By: Andrew Zola