Cryptography Reference
In-Depth Information
Figure 4-20 Skipjack inverse G k transform ([ G k ] -1 ).
The F -function is simply an 8-bit S-box. I won't show it here, but it can be viewed in the specifications [17].
4.12 Message Digests and Hashes
Often, we might want to verify that we received the correct message and that nothing is missing or corrupted.
One way would be to send the entire message again, but this would double the transmission size, which could
be impractical. Naturally, we want this verification message to be as small as possible, while still serving its
purpose. This verification message could also be used as a representation of the message itself, if we needed to,
for example, prove that we received the message without repeating it in its entirety.
Two constructs that can give us these abilities are message digests and hashes. These calculations provide
error detection, smaller representations of data, and sometimes error correction. The representations are called
hashes or message digests , since they essentially “chop” up the input and “digest” them into some form.
For error detection and correction purposes, we often see these calculations in the form of checksums and
cyclic redundancy checks. These are not designed for most security purposes (such as providing guarantees that
the message was not maliciously altered), but simply to provide robustness against transmission or other benign
errors; as such, they are usually based on very simple, fast algorithms meant to catch simple errors (such as a
single bit being received incorrectly).
Hashfunctions produce hashes from input. These hash functions are designed to provide stronger security than
normal checksums: Usually they have complicated, intricate calculations to churn the input to produce output.
There are several desirable properties of this in order for the hash to be a secure “representation” of the mes-
sage:
1. It should not be easy to obtain information about the input from the hash.
2. It should not be easy to find two inputs that have the same hash.
3. It should not be easy to find an input that has a specific hash. Furthermore, it should be even more
difficult to find such an input that bears a resemblance to another particular input as well.
Hash functions designed with these security principles in mind are often called cryptographic hash func-
tions .
 
Search WWH ::




Custom Search