What Do You Mean By Hash Information Technology Essay

A hash also called a digest, and informally a checksum is a kind of signature for a stream of data that represents the contents. The closest real-life analog we can think is a tamper-evident seal on a software package: if you open the box (change the file), it’s detected.

A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the message, and the hash values are sometimes called the message digest or simply digest. The ideal cryptographic hash function has four main or significant properties:

It is easy to compute the hash value for any given message,

It is infeasible to find a message that has a given hash,

It is infeasible to modify a message without changing its hash,

It is infeasible to find two different messages with the same hash.

Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, or just hash values, even though all these terms stand for functions with rather different properties and purposes.

Q2. What are the principal elements of a public-key cryptosystem?

Ans2. Public-Key Cryptosystems: Secrecy and Authentication, illustrates the essential elements of a public-key encryption scheme.

Public key cryptography is an asymmetric scheme that uses a pair of keys for encryption: a public key, which encrypts data, and a corresponding private, or secret key for decryption. You publish your public key to the world while keeping your private key secret. Anyone with a copy of your public key can then encrypt information that only you can read. Even people you have never met.

Plaintext: This is the original message or data fed into the algorithm as input.

Encryption Algorithm: It performs various substitutions and transformation on plaintext.

Secret Key: It is used for encryption.

Ciphertext: This is the scrambled message produced as output.

Decryption Algorithm: This is the encryption algorithm run in reverse.

Q3. What types of information might be derived from a traffic analysis attack?

Ans3. In a connection-oriented application, the frequency and duration could be determined. In either a connection-oriented or connectionless environment, the number and length of messages between parties could be determined. Traffic analysis attacks aim to derive critical information by analyzing traffic over a network. The two classes of traffic analysis attacks: link-load analysis attacks and flow-connectivity analysis attacks.  Countermeasures for such attacks are usually realized by properly padding the payload traffic so that the statistics of the overall traffic become significantly different from that of the payload traffic. Two basic countermeasure strategies are (a) to pad the traffic with constant inter-arrival times of packets (CIT) or (b) to pad the traffic with variable inter-arrival times (VIT). 

Q4. What are three broad categories of applications of public-key cryptosystems? What requirements must a public key cryptosystems fulfill to be a secure algorithm?

Ans4. Public-key systems are characterized by the use of a cryptographic type of algorithm with two keys. Depending on the application, the sender uses either the sender’s private key or the receiver’s public key, or both, to perform some type of cryptographic function. In broad terms, we can classify the use of public-key cryptosystems into the three categories:

• Encryption/decryption: The sender encrypts a message with the recipient’s public key.

• Digital signature: The sender “signs” a message with its private key, either to the whole message or to a small block of data that is a function of the message.

• Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties.

Some algorithms are suitable for all three applications, whereas others can be used only for one or two of these applications.

Public key schemes are no more or less secure than private key schemes – in both cases the size of the key determines the security. But with public key schemes at least there is usually a firmer theoretical basis for determining the security since it’s based on well-known and well studied number theory problems.

In order to solve the key management problem, the concept of public-key cryptography was introduced. Public-key cryptosystems have two primary uses, encryption and digital signatures. In their system, each person gets a pair of keys, one called the public key and the other called the private key. The public key is published, while the private key is kept secret.

The need for the sender and receiver to share secret information is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared. In this system, it is no longer necessary to trust the security of some means of communications. The only requirement is that public keys be associated with their users in a trusted (authenticated) manner (for instance, in a trusted directory).

Anyone can send a confidential message by just using public information, but the message can only be decrypted with a private key, which is in the sole possession of the intended recipient. Furthermore, public-key cryptography can be used not only for privacy (encryption), but also for authentication (digital signatures) and other various techniques.

Q5. What is digital signature standard?

Ans5.

This Standard specifies a suite of algorithms that can be used to generate a digital signature. Digital signatures are used to detect unauthorized modifications to data and to authenticate the identity of the signatory.

In addition, the recipient of signed data can use a digital signature as evidence in demonstrating to a third party that the signature was, in fact, generated by the claimed signatory.

This is known as non-repudiation, since the signatory cannot easily repudiate the signature at a later time. This Standard specifies algorithms for applications requiring a digital signature, rather than a written signature. A digital signature is represented in a computer as a string of bits.

A digital signature is computed using a set of rules and a set of parameters that allow the identity of the signatory and the integrity of the data to be verified. Digital signatures may be generated on both stored and transmitted data.

Signature generation uses a private key to generate a digital signature; signature verification uses a public key that corresponds to, but is not the same as, the private key. Each signatory possesses a private and public key pair. Public keys may be known by the public; private keys are kept secret. Anyone can verify the signature by employing the signatory’s public key. Only the user that possesses the private key can perform signature generation.

A hash function is used in the signature generation process to obtain a condensed version of the data to be signed; the condensed version of the data is often called a message digest. The message digest is input to the digital signature algorithm to generate the digital signature.

The digital signature is provided to the intended verifier along with the signed data. The verifying entity verifies the signature by using the claimed signatory’s public key and the same hash function that was used to generate the signature. Similar procedures may be used to generate and verify signatures for both stored and transmitted data.

Q6. Explain authentication function: message encryption, message authentication code and hash function.

Ans6.

Message encryption: Message encryption is a process that encodes the data of a message so that unauthorized people cannot access it. The process of message encryption converts a message from readable text to scrambled or enciphered text, thus keeping the message content private. Only people who use a private key can read such a message.

In fact, message encryption not only safeguards the message but also any attachments included with it. Therefore, message encryption is basically information scrambling, and the technology this process involves is very important for internal security in information technology-driven environments. When message encryption is properly used in such an environment, it helps establish a secure communication channel even in cases where the fundamental system and network infrastructure is not very secure. It is obvious that message encryption is of great significance when a message needs to be transferred through shared systems or network segments in which a number of people may otherwise be able to view it. Message encryption is an invaluable tool in situations where sensitive information needs to be safeguarded so that it cannot be seen or modified by other parties.

Message authentication code: One of the reasons that encryption mechanism does not provide a good solution for message authentication is that it is difficult for the receiver to identify the legitimate plaintext.

To address this problem, we can apply an error detection code to the message so that only legitimate plaintext can pass the error detection. Such error detection codes are used in the network communication to provide data integrity verification against bit errors introduced by communication channel noise. But it can not provide data integrity protection against malicious attackers.

In light of error detection code, we can design a code that uses a secret key. Without the key, modifying the message in a way that it matches the code is impossible. This idea leads to the design of message authentication code (MAC).

A MAC algorithm, sometimes called a keyed (cryptographic) hash function, accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC (sometimes known as a tag). The MAC value protects both a message’s data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.

Hash Functions: A hash function H is a transformation that takes a variable-size input m and returns a fixed-size string, which is called the hash value h (that is, h = H(m)). Hash functions with just this property have a variety of general computational uses, but when employed in cryptography the hash functions are usually chosen to have some additional properties.

The basic requirements for a cryptographic hash function are:

the input can be of any length,

the output has a fixed length,

H(x) is relatively easy to compute for any given x ,

H(x) is one-way,

H(x) is collision-free.

A hash function is any well-defined procedure or mathematical function that converts a large, possibly variable-sized amount of data into a small datum, usually a single integer that may serve as an index to an array. The values returned by a hash function are called hash values, hash codes, hash sums, or simply hashes.