This document discusses public key cryptography and message authentication. It covers message authentication techniques like message authentication codes and one-way hash functions. A message authentication code uses a secret key to generate a small block of data to authenticate messages. One-way hash functions create a fixed-length fingerprint of a message to detect changes through properties like being collision free. Secure hash functions like SHA-1 and SHA-2 were developed by the NSA and NIST to satisfy requirements for hash functions used in message authentication.

1. Public Key Cryptography
and Message
Authentication (Asymmetric encryption)
1

2. Learning objectives
Message authentication
One-way hash
Secure hash
2

3. Message Authentication
Encryption protects against passive attack (eavesdropping)
Falsification of data and transaction can be against active attack.
Message authentication protects against active attacks.
Message authentication is a procedure to allow parties to
verify that received message is authentic (content is not altered
and source is authentic).
3

4. Message Authentication …
Message authentication is concerned with :
◦ protecting the integrity of a message (or data)
◦ validating identity of originator
◦ non-repudiation of origin (dispute resolution)
How to achieve it :
◦ With message encryption
◦ Encrypt the whole message with symmetric key encryption (not suitable , for example, may change
the block sequence in transmission which causes to have different data)
◦ Without message encryption (is not provides)
◦ Message authentication code (MAC)
◦ One-way hash function
4

5. Message Authentication Code
5
A secret key is used to generate small block of data,
knows as a message authentication mode (MCA).
Key makes the technique more secure (altering the
message and recreating the MAC in the middle!).
Solution: NIST recommends to use DES algorithm
on the message and then use the last 16 or 32 bit of
ciphertext as MAC.

6. Message Authentication Code…
6

7. One-way Hash Function
7
Hash function: A transformation of a message of
arbitrary length into a fixed-length number
◦ h = H (M)
◦ No secret key
Hash function creates a fingerprint (message digest) of
a message
◦ Used to detect changes to message
◦ usually assume hash function is public
◦ one-way property
◦ collision free (no same hash for two different data)
◦ cyclic redundancy check (CRC)
◦ XOR of every block of message
◦ http://www.fileformat.info/tool/hash.htm
Good for data integrity, but useless for security

8. One-way Hash Function…
8
Three different ways to authenticate message with
hash function: (secret key, public key and secret value)

9. Simple Insecure Hash Functions
9
Bit-by-bit exclusive-OR (XOR) of every block
◦ Ci = bi1 xor bi2 xor . . . xor bim
One-bit circular shift on hash value
◦ rotate current hash value to left by 1bit and XOR block

10. Simple Hash Functions using
Bitwise XOR
10

11. Hash Functions Requirements
11

12. One-way Hash Example
12
Notice
randomness

13. Secure Hash Function
13
SHA originally designed by NIST & NSA in 1993
Was revised in 1995 as SHA-1
160 bit Message digest (output)
SHA-2 (SHA-224, 256, 384, and 512) in 2002

14. SHA Versions
14
SHA-1 SHA-224 SHA-256 SHA-384 SHA-512
Message
digest size 160 224 256 384 512
Message
size < 264 < 264 < 264 < 2128 < 2128
Block size 512 512 512 1024 1024
Word size 32 32 32 64 64
Number of
steps 80 64 64 80 80

15. SHA 512
15

16. Q & A
Any questions?!
16