P2L8 Hashes

Question 1

Weak vs Strong Collision resistance

Answer 1

WEAK: When you can find m2 such that H(m2) = H(m1). It is weak only to a given input message. STRONG: Hash function is resistant to any pair of different messages. This implies the weaker property.

Question 2

pigeonhole problem of hash functions

Answer 2

there are many more ‘pigeons’ than there are ‘pigeon holes’. Because the size of the hash is fixed size, but the input is not. So many inputs will match to the same output value.

Question 3

determining hash length

Answer 3

In this snippet the top row is ‘l’ not 1. The bottom row means you need to find 2³² possibilities before you reach a hash collision.

Question 4

If length of a hash is 128 bits, then how many messages does an attacker need to search in order to find two that share the same hash?

Answer 4

64

Question 5

In SHA 2, how many rounds are used to process a message block?

Answer 5

80

Question 6

why use hash based message authentication?

Answer 6

• Hash functions are very efficient (execute faster)
• library code widely available

Question 7

HMAC is secure because…

Answer 7

A secret key is hashed with the message content. An attacker cannot compute the HMAC value for m2.

Question 8

Hash functions are used for message authentication but not…

Answer 8

digital signatures

Question 9

Hash based message auth scenario

Answer 9

1. Alice and bob share secret key.
2. Alice authenticates herself by sending ‘Hello’ message and hashing the message along with shared secret key.
3. Bob receives this hash value along with hello message in plaintext, bob can hash the hello message along with the shared key
4. Bob sees whether that hash value matches the value he received. If they match, then Alice is authenticated.

Question 10

Digital signatures steps

Answer 10

1. alice hashes m
2. then signs hash value of m with private key
3. then she sends message m in plaintext along with signature

Question 11

what is recommended minimum length of a hash?

Answer 11

128 bits