Crypto - 3. Hashing

Question 1

What is the primary function of a cryptographic hash function?

Answer 1

To produce a fixed-length digest from an input of any size for secure data representation.

Question 2

Fill in the blank: A cryptographic hash function transforms an input message into a ______.

Answer 2

Fixed-length digest.

Question 3

What are common applications of cryptographic hash functions?

Answer 3

Digital signatures, key derivation, bit commitment, and message authentication.

Question 4

Why are digital signatures combined with hash functions?

Answer 4

Hashing a message before signing reduces data size and improves efficiency.

Question 5

Define an Extendable Output Function (XOF).

Answer 5

An XOF is a hash function that can produce outputs of any desired length.

Question 6

Fill in the blank: XOFs are often used in applications requiring ______ length outputs.

Answer 6

Variable.

Question 7

What is preimage resistance in a hash function?

Answer 7

It means finding an input that maps to a given output should be computationally difficult.

Question 8

Explain second preimage resistance in hash functions.

Answer 8

It should be hard to find a different input that produces the same hash as a given input.

Question 9

What is collision resistance?

Answer 9

Collision resistance means it should be hard to find two distinct inputs with the same hash output.

Question 10

How does the birthday paradox relate to collision resistance?

Answer 10

The paradox shows that collisions are more likely than expected; 23 people have a high chance of sharing a birthday.

Question 11

What is MD5 and why is it considered insecure?

Answer 11

MD5 is an older 128-bit hash function with known vulnerabilities to collision attacks.

Question 12

Fill in the blank: SHA-1 was standardized by ______ in 1995 but is now considered insecure.

Answer 12

NIST

Question 13

Name a secure hash function family that replaced SHA-1.

Answer 13

SHA-2

Question 14

Describe the SHA-3 standard and its basis.

Answer 14

SHA-3 is based on the KECCAK algorithm and includes SHA3-{224, 256, 384, 512} and SHAKE{128, 256} functions.

Question 15

What is the Merkle-Damgård construction?

Answer 15

A method used in hash functions to process messages in blocks and chain intermediate hash values.

Question 16

Explain the purpose of HMAC.

Answer 16

HMAC combines a hash function with a key to provide secure message authentication, addressing length extension attacks.

Question 17

What is a length extension attack?

Answer 17

An attack on hash functions where an attacker can forge a hash by appending data to the original message.

Question 18

Fill in the blank: The ______ construction in SHA-3 allows flexible and secure hashing with resistance to preimage and collision attacks.

Answer 18

Sponge

Question 19

Describe sponge construction in SHA-3.

Answer 19

The sponge construction iterates a permutation on absorbed input, outputting a secure hash digest.

Question 20

What role does the KECCAK-f permutation play in SHA-3?

Answer 20

It performs non-linear mixing, diffusion, and symmetry-breaking to secure the hashing process.

Question 21

List the five steps in the KECCAK-f permutation process.

Answer 21

θ (mixing), ρ (rotation), π (reordering), χ (non-linearity), and ι (symmetry-breaking).

Question 22

How does the θ step contribute to security in KECCAK-f?

Answer 22

It mixes bits by computing parity and adding neighboring column values to increase diffusion.

Question 23

Fill in the blank: The χ step in KECCAK-f adds ______ by flipping bits based on neighboring patterns.

Answer 23

Non-linearity

Question 24

What is indifferentiability in the context of hash functions?

Answer 24

A measure of how closely a hash function behaves like a random function, ensuring security in hash constructions.

Question 25

What is the purpose of customized SHAKE functions (cSHAKE)?

Answer 25

cSHAKE provides custom output for specific applications, allowing added flexibility in SHA-3.

Question 26

Why is SHAKE categorized as an XOF?

Answer 26

Because SHAKE can produce outputs of variable lengths.

Question 27

What is KMAC and how does it differ from HMAC?

Answer 27

KMAC is a message authentication code based on SHAKE, avoiding the length extension issues of HMAC.

Question 28

Fill in the blank: ______ is a form of hash-based parallel processing introduced in SHA-3.

Answer 28

ParallelHash

Question 29

Explain why cryptographic hash functions should behave like random mappings.

Answer 29

To ensure security properties like preimage resistance and collision resistance are met.