Cryptography Reference
In-Depth Information
Definition
A hash function h is a digest function if it satisfies all of the following properties:
1. Given a hash value h ( m ), it must be extremely difficult to determine m .
2. Given a message m , it must be extremely difficult to find another message m
such
).
3. It must be extremely difficult to find any two messages, say m and m
that h ( m ) = h ( m
, for which h ( m )
= h ( m
).
Property 2 looks very much like property 3, but they are quite different. The former says
that if we start with a given message, we can't find another that maps to the same hash
value. The latter does not specify that we start with a particular message; it only requires that
we cannot find any two messages that map to the same digest.
A hash function that satisfies these three properties will be called a digest function. Some-
times we will also refer to the function as a digest, but we also use the word digest to refer
to the output of a digest function; the intended meaning should be clear from the context.
If we take the hash functions from the previous examples, it is easy to see that they could
not be digest functions, since they fail some of the required properties. For example, any two
messages with the same trailing 64 bits will map to the same hash value using function h .
The function g likewise fails to have property 2.
Digest functions are very much like good ciphers, in that the values they produce must
look random to the point that an adversary cannot tell what the originating data was. There
are three important differences between digest functions and ciphers, however; they are:
1.
A cipher is intended to be reversible, given a certain secret key. Digests are specifically
intended not to be reversible, no matter what information one has.
2.
A digest function compresses the data, whereas a cipher generally does not. In fact, a
cipher usually expands the data.
3.
Digest functions use no keys; the scrambling effect that they produce comes about by the
nature of the mathematical transformation itself. Such a digest is referred to as a Modi-
fication Detection Code (MDC); the name signifies the basic purpose. However, other
digests use keys; such a digest is called a Message Authentication Code (MAC).
Now we will cover a specific digest function; namely, the Modular Arithmetic Secure
Hash, Algorithm 2 (MASH-2).
MASH-2
The following produces an n bit digest of a message x of bitlength b such that
b < 2 n /2 .
0
1.
Choose two primes such that their product, M , is m bits in length.
2.
The integer n is chosen as the largest multiple of 16 not exceeding m ; n is the bitlength
of the digest.
3. H 0 = 0 is an initialization vector; we will define another n bit constant A , such that
A = 11110000 . . . 0000 base 2 .
 
Search WWH ::




Custom Search