Hash functions and MAC Flashcards
what are the properties of a hash function?
• A hash function produces a fingerprint of some file/message/data: h = H(M)
• Condenses a variable-length message M to a fixed-sized fingerprint
• Assumed to be public
what is weak vs strong collision resistance?
• Weak collision resistance: given x, it is infeasible to find y s.t. H(y) = H(x)
• Strong collision resistance: it is infeasible to find any x, y s.t. H(y) = H(x)
why is a salt needed when saving passwords?
Salts create unique passwords even in the instance of two users choosing the same passwords. Salts help us mitigate rainbow table attacks by forcing attackers to re-compute them using the salts.
what is a Message Authentication Code (MAC)?
• Generated by an algorithm that creates a small fixed-sized block depending on both the message and some key
• Need not be reversible
• Receiver performs the same computation on the message and checks if it matches the MAC
• Provides assurance that the message is unaltered and comes from the sender
what are Keyed Hash Functions (HMAC)?
Create a MAC using a hash function rather than a block cipher
– because hash functions are generally faster
– not limited by export controls, unlike block ciphers
– Hash includes a key along with the message
what is the birthday paradox?
• How many people must there be in a room so that the probability of two of them having the same birthday is larger than 50%?
• One tends to be selfish in these cases and think: "The chance that another person has the same birthday as me is 1/365. The chance that one of two other people has the same birthday as me is (almost) 2/365. So, close to 183."
• But this is wrong! This calculation is correct when looking for matches to one specific person.
• If there are 23 people in the room, there is a 50% probability.