CS 513 - System Security
Lecture 10

Lecturer: Professor Fred B. Schneider
Notes by: Vicky Weissman
Lecture Date: 2/29/00

Today's Topics

Hash Functions

A hash function takes variable length plaintext and returns a fixed length hash (aka message digest).

Hash lengths are typically between 100 and 1,000 bits. Lengths in this range allow hash functions to have both good performance and a high probability that different messages will be hashed to different digests.

To deter message-text substitution attacks it should be very difficult to discover a correlation between a message and its corresponding digest; the hash function should be 1-way (cannot determine input from output.); diffusion is needed (slightly different messages have completely different hashes.)

An example of a hash function is the Secure Hash Algorithm (SHA).

Hashing functions can be used to fingerprint programs (detect corruption by detecting a change in a program's hash). They can also create MICs (cryptographic checksums; aka message integrity code, message authenticity code, or MAC).

Digital Signatures

A message, m, is signed by appending the signature D(k, h(m)) to the text where k is the sender's private key and h(m) is the hash corresponding to m.

A signed message is believed to have been sent by a particular principal, if hashing the message produces the same sequence of bits as encrypting the signature with the principal's public key.

A principal can add its signature to a message that has already been signed, by applying the hash function to both the text and the pre-existing signatures.

RSA

RSA is a public key cryptographic algorithm that is computationally secure.

Basic Protocol:

Given a public key, {e, n}, and a private key, {d, n}:
E({e, n}, m) = me mod n
D({d, n}, c) = cd mod n

Requirements:

the product of e and d must be 1 (otherwise decryption won't 'undo' encryption)
calculating me must be cheap
deriving d from e and n must be expensive

Protocol to Choose e, n, and d:

pick 2 large (at least 256 bits) prime numbers, p and q
set n = p*q
pick e so that it has no common factor (other than 1) with (p-1)(q-1)
set d = 1/e