Hash Functions, the MD5 Algorithm and the Future (SHA-3)
Dylan Field, Fall ’08
SSU Math Colloquium
What is a hash?
First, Consider Humpty Dumpty...
Humpty Dumpty sat on a wall.
Humpty Dumpty had a great fall.
All the king’s horses and all the king’s men
Couldn’t put Humpty together again.
X
h(x)
BUT h(x) is a one way function
... so they can’t put Humpty together again.
x          hash function    h(x)
           Humpty falls
‘hello’    MD5              5d41402abc4b2a76b9719d911017c592
- going backwards -
NO!!!
5d41402abc4b2a76b9719d911017c592    ‘hello’
- sdrawkcab gniog -
Requirements
h(x)
1. Given h(x), cannot find x
2. h(x) is constant
3. Can’t find x2 so h(x2)=h(x1)
Requirement #3 - Humpty Dumpty Style
≠   ≠   ≠   ≠ .........
so how does it work?
‘hello’
5d41402abc4b2a76b9719d911017c592
we’re going to focus on MD5
1. Convert ‘x’ to binary
‘hello’   0110100001100101011011000110110001101111
2. Pad ‘x’ so that size of x (mod 512) = 0
‘hello’ in binary
    0110100001100101011011000110110001101111

add ‘1’
    1

0’s until x mod 512 = 496
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    0000000000 0000000000 0000000000 0000000000 0000000000
    00000

add 16 bit binary representation of x
    0000000000101000
xpadded =
0110100001100101011011000110110001101111 1 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
0000000000 0000000000 0000000000 0000000000 0000000000
   0000000000 0000000000 0000000000 0000000000 00000
                   0000000000101000
3. Break ‘x’ into 512 bit sub parts and 32 bit words
  W1 = 01101000011001010110110001101100
4.   Assign values to k[i], r[i], w[g], h0, h1, h2 and h3.
k[i] = |sin(i+1)| x 2^32 where ‘i’ is in radians
r[i] = Various round shift amounts
w[g] = Word number (0 – 15)
h0 = a = 0x67452301
h1 = b = 0xEFCDAB89
h2 = c = 0x98BADCFE
h3 = d = 0x10325476
5.   Perform 64 rounds on each sub part
But first... binary operations!
∧
(AKA ‘AND’)
In binary:
   T=1
   F=0
p   q   ∧   bit 1 bit 2 ∧
T   T   T    1    1    1
T   F   F    1    0    0
F   T   F    0    1    0
F   F   F    0    0    0
∨
bit 1 bit 2 ∨
 1    1    1
 1    0    1
 0    1    1
 0    0    0
⊕
“XOR is a type of logical disjunction on two operands that results in a value of “true” if and only if exactly one of the operands has a value of ‘true’”
bit 1 bit 2 ⊕
 1    1    F
 1    0    T
 0    1    T
 0    0    F
¬
(not)
¬1=0
¬0=1
<<
(bit shift)
1   0   1   0   1   0
0   1   0   1   0




0   1   0   1   0   0   0
Remember:
a,b,c,d are h0-3
Operation A
    f = (b ∧ c) ∨ (¬ b ∧ d)
    g = i
Operation B
    f = (d ∧ b) ∨ ((¬ d) ∧ c)
    g = (5i + 1) mod 16
Operation C
    f = b ⊕ c ⊕ d
    g = (3i + 5) mod 16
Operation D
    f = c ⊕ (b ∨ (¬ d))
    g = (7i) mod 16
A   B   C   D

B
b + {(a + f + k[i] + w[g]) << r[i]}
    b = h1, a = h0
    f = Calculated in Operations A-D
    w[g] = The gth word (32 bit chunk)
    k[i] = |sin(i+1)| x 2^32 where ‘i’ is in radians
    r[i] = ith pre-designated shift
After all 64 rounds...
6.   Add a, b, c and d to register values
h0 = h0 + a
h1 = h1 + b
h2 = h2 + c
h3 = h3 + d
7.   Append the register values to create digest
128 bit digest
‘hello’
5d41402abc4b2a76b9719d911017c592
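The seven steps above as a runnable Python sketch (an added example, not code from the slides; the function names are this example's own). It follows RFC 1321, which differs from the simplified slide picture in the places marked in the comments: zero padding runs to 448 mod 512 and is followed by a 64-bit length, words are little-endian, and `<<` is a left rotation.

```python
import math
import struct

MASK = 0xFFFFFFFF  # all arithmetic is modulo 2^32

# Step 4: k[i] = floor(|sin(i+1)| * 2^32), i in radians.
K = [int(abs(math.sin(i + 1)) * 2**32) & MASK for i in range(64)]

# Step 4: r[i], the per-round shift amounts fixed by RFC 1321.
R = ([7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 +
     [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4)

# Step 4: initial register values h0..h3, as on the slides.
H_INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)


def rotl(x: int, n: int) -> int:
    """32-bit left rotation; the bits shifted out on the left re-enter on the right."""
    x &= MASK
    return ((x << n) | (x >> (32 - n))) & MASK


def pad(message: bytes) -> bytes:
    """Steps 1-2: append a '1' bit, zeros up to 448 mod 512, then the bit length.

    RFC 1321 stores the length as a 64-bit little-endian integer
    (the slides draw a 16-bit field after padding to 496).
    """
    bit_len = (8 * len(message)) & 0xFFFFFFFFFFFFFFFF
    padded = message + b"\x80"                       # the '1' bit plus seven zeros
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + struct.pack("<Q", bit_len)


def md5(message: bytes) -> str:
    h0, h1, h2, h3 = H_INIT
    data = pad(message)
    # Step 3: 512-bit (64-byte) sub parts, each split into sixteen 32-bit words.
    for offset in range(0, len(data), 64):
        w = struct.unpack("<16I", data[offset:offset + 64])
        a, b, c, d = h0, h1, h2, h3
        # Step 5: 64 rounds, 16 each of Operations A, B, C, D.
        for i in range(64):
            if i < 16:                                # Operation A
                f, g = (b & c) | (~b & d), i
            elif i < 32:                              # Operation B
                f, g = (d & b) | (~d & c), (5 * i + 1) % 16
            elif i < 48:                              # Operation C
                f, g = b ^ c ^ d, (3 * i + 5) % 16
            else:                                     # Operation D
                f, g = c ^ (b | ~d), (7 * i) % 16
            f &= MASK                                 # Python's ~ yields negatives
            new_b = (b + rotl(a + f + K[i] + w[g], R[i])) & MASK
            a, b, c, d = d, new_b, b, c               # registers rotate each round
        # Step 6: add a, b, c, d back into the register values.
        h0 = (h0 + a) & MASK
        h1 = (h1 + b) & MASK
        h2 = (h2 + c) & MASK
        h3 = (h3 + d) & MASK
    # Step 7: append the registers (little-endian) to form the 128-bit digest.
    return struct.pack("<4I", h0, h1, h2, h3).hex()


if __name__ == "__main__":
    print(md5(b"hello"))
```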
So?
Applications
    Password Protection
    Message Integrity
    Digital Signatures
Password Protection
When you registered...
‘password’    MD5    5f4dcc3b5aa765d61d8327deb882cf99    Data Base

‘password’    MD5    5f4dcc3b5aa765d61d8327deb882cf99

5f4dcc3b5aa765d61d8327deb882cf99 = stored, hashed password?
No.     Give ‘incorrect password’ error
Yes.    Let user into website
Attacks
Rainbow Tables
omgyouarenever
goingtocrackthis      1c9fee8bd70a5afb630fc4f38e97123f
123
and Brute Force Attacks
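The register/login flow from the password slides next to a salted, iterated alternative, as an added example that is not part of the original slides. The function names, the record layout and the PBKDF2 parameters are assumptions of this example; it shows why an unsalted digest can be answered from one precomputed table for every account, while a per-user salt cannot.

```python
import hashlib
import hmac
import os


def md5_register(password: str) -> str:
    """The slides' scheme: store MD5(password) in the database."""
    return hashlib.md5(password.encode()).hexdigest()


def md5_login(password: str, stored: str) -> bool:
    """The slides' check: hash the submitted password and compare to the stored one."""
    return md5_register(password) == stored


def kdf_register(password: str, iterations: int = 600_000):
    """Hardened form: random per-user salt plus a deliberately slow KDF.

    Returns the record to store: (salt, iterations, derived_key).
    The iteration count is an assumed work factor; tune it to your hardware.
    """
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def kdf_login(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


def same_password_is_visible(records) -> bool:
    """True if two stored records are identical, i.e. the database itself
    reveals which accounts share a password."""
    return len(set(records)) < len(records)


if __name__ == "__main__":
    # Constructed accounts: two users who picked the same password.
    users = {"alice": "password", "bob": "password"}

    md5_db = [md5_register(p) for p in users.values()]
    print("unsalted MD5 records equal:", same_password_is_visible(md5_db))

    kdf_db = [kdf_register(p)[2] for p in users.values()]
    print("salted PBKDF2 records equal:", same_password_is_visible(kdf_db))
```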
Message Integrity
digest
File Verification
    Guarding against corruption
    Proving you have something before you release it
Attacks
Nostradamus Attack
But on November 30th 2007...
“We have used a Sony Playstation 3 to correctly predict the outcome of the 2008 US presidential elections. In order not to influence the voters we keep our prediction secret, but commit to it by publishing its cryptographic hash on this website. The document with the correct prediction and matching hash will be revealed after the elections.”
  - Marc Stevens, Arjen Lenstra and Benne de Weger
3D515DEAD7AA16560ABA3E9DF05CBC80
But how could they have known!?!?
They didn’t.
Digital Signatures
[Diagram labels: MD5, hash, private key, encrypted, public key, hash, MD5, hash ✔]
Attacks
Collision Attack
[Diagram labels: Changed Message, MD5, hash ✔, encrypted, public key, hash]
Very Dangerous!
Birthday Attack
Relies on ‘Birthday Paradox’
First we calculate the chance no one has the same birthday
p(1)=100%
p(2)=(1)(1 - 1/365)
p(3)=(1)(1 - 1/365)(1 - 2/365)
To Generalize...
P(n) = 365! / (365^n (365-n)!)
23   50% chance
30   70.6% chance
50   97% chance
We can use this property to find out how many hashes must be calculated to find a collision.
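The birthday calculation above carried through to hash digests, as an added example that is not part of the original slides (function names and the constructed inputs are this example's own). It reproduces the 23/30/50 figures, estimates the work for a 128-bit digest, and runs the search on MD5 truncated to 24 bits so the effect is visible in well under a second.

```python
import hashlib
import math


def p_no_shared(n: int, days: int = 365) -> float:
    """p(n) from the slides: chance that n people all have different birthdays."""
    p = 1.0
    for k in range(n):
        p *= 1 - k / days
    return p


def draws_for_collision(space: float, p: float = 0.5) -> float:
    """Approximate number of random draws from `space` equally likely values
    before two of them coincide with probability p (birthday bound)."""
    return math.sqrt(2 * space * math.log(1 / (1 - p)))


def truncated_md5(data: bytes, bits: int) -> int:
    """The top `bits` bits of the MD5 digest, standing in for a short hash."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def birthday_search(bits: int = 24):
    """Hash distinct constructed inputs until two share a truncated digest.

    Returns (first_message, second_message, hashes_computed). The loop bound
    is the pigeonhole limit; in practice it stops near sqrt(2^bits).
    """
    seen = {}
    for counter in range(2**bits + 1):
        msg = b"constructed-input-%d" % counter
        tag = truncated_md5(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg
    raise AssertionError("unreachable: more inputs than possible digests")


if __name__ == "__main__":
    for n in (23, 30, 50):
        print(n, "people: shared birthday chance", round(1 - p_no_shared(n), 3))
    m1, m2, tries = birthday_search(24)
    print("24-bit collision after", tries, "hashes; bound predicts about",
          round(draws_for_collision(2**24)))
    print("full 128-bit digest: about 2^%.1f hashes"
          % math.log2(draws_for_collision(2**128)))
```

The same bound is why a digest of n bits offers at most about n/2 bits of collision resistance, independent of any structural weakness in the hash.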
Current State of MD5
MD5 = Broken
The Future of Hashes
Submissions were due on October 30th
Currently Submitted
Skein, Maraca, BLAKE, MD6, Keccak, CubeHash, Edon-R, Ponic, EnRUPT, SHAMATA,
MCSSHA-3, Sgàil, Blue Midnight Wish, Grøstl, ESSENCE, WaMM, Boole, NaSHA,
NKS2D, Waterfall
Thank you for coming!
Any Questions?
