Research Report on Cryptographic Hash Functions

 

 

RESEARCH REPORT

ON

CRYPTOGRAPHIC HASH FUNCTIONS

 

 

This report presents various cryptographic hash function available till date and briefly describes their algorithms, good points, bad points. Discussed hash functions are md5, sha-1,sha-3, blake2, and tiger. Cryptographic hash functions are widely used in today’s information technology industry. Major breakthrough are been developed and some are in developing stage to counterattack the collision attacks. We are going to select one out of the above-mentioned hash function suitable for a data-oriented company.

 

 

 

ABSTRACT:

Cryptographic hash function has become an important part in many applications. World of cryptocurrency relies heavily on these cryptographic hash functions. Other uses are digital signature, verifying unique or duplicate records, also helpful in data corruption. In layman, it takes an input, process it and produces a digest which is fixed size alphanumeric string, not understandable by human being. There are some old and new versions of cryptographic hash functions available.MD5 AND SHA1 are older ones and SHA3, BLAKE2, TIGER is some of the newer versions. In this report we are going to discuss these hash function, depending upon their characteristics, vulnerabilities and strengths, one of them can be decided to use for a data-oriented company. Basically, the older one’s MD-5 hashing algorithm is still generally utilized however, cryptographically defective as it can infer collision. MD-5 is broken due to collision, however not in respect of preimages or second preimages. The primary attack on MD-5 were done in 1996, this attack was done on the compression of MD-5 not on MD-5 itself. Hypothetical attack was created in year 2004. But in actual the attacks done on MD-5 are way too slow to decrease its value. SHA-1 hashing algorithm is cryptographically defective but the properties which we need in password hashing algorithm are still utilized. It indirectly means whatever “password hashing algorithm” which are built according to the SHA-1 are secure. So, firms which are using this algorithm feel secure finds no reason to change to something new. SHA3 (keccak) newer algorithm defeated other new algorithm Blake in a competition hosted by national institute of standards and technology, reason being not designed specifically for ASIC mining. The newer versions are probably good and will be briefed in the upcoming paragraphs. Depending upon my research, I would suggest using SHA3 for the data-oriented company.

1. INTRODUCTION:

CRYPTOGRAPHIC HASH FUNCTIONS

Cryptographic hash functions are fundamental building blocks that are used within many different cryptographic algorithms and protocols. There are a number of crucial applications in the field of information security. So, some of the common algorithms that are known to be a cryptographic hash function include SHA-1, SHA-3, BLAKE2, TIGER, MD5 which is probably one of the most common one. MD5 also have some predecessors namely MD4. There’s also a successor to MD5 known as MD6. But basically, MD5 is among the more popular ones.

Basically, cryptographic hash function is a function which changes the input to an output which is hard to understand. It changes the input to the fixed size alphanumeric string. And the output is called the string value, digital fingerprints, digest, message or checksum.

There are three main characteristics of hash function stated down below:

1. For a given input, it is very easy to modify it through hash function.
2. For the generated output, it is very difficult to calculate an alphanumeric string.
3. For two slightly different message, their hash will be totally different.

Input of any length can be fed to the hash function and it will produce alphanumeric text of fixed length which acts as a signature for the provided input. Thereafter, the person who gets the message digest doesn’t know the real message, however the person who originally knew the message can only tell the digest is made from the same message or not.

A cryptographic hash function ought to be as random as could reasonably be expected, while it is as yet deterministic and calculatable effectively. From a cryptographic perspective, a cryptographic hash work is considered ” uncertain” if below mentioned points are measurable:

1. Find a message (already not seen) that relates to a given hash value.

2. Find ” collision ” that have a similar hash value for two unique messages.

The above two methods can be used by the attacker to alter the original message with an authorized message. Preferably, two unique messages whose digests (‘ hash value) are comparable ought to be not found. Obviously, the attacker learns something like one snippet of data, the digest itself, which enables the attacker to perceive whether a similar message occurred. MD5 and SHA-1 are the two most normally utilized hash functions for various standards and applications. Security defects are appearing, there could be a conceivable scientific shortcoming, and a more grounded hash functions is recommended. In 2007, the National Institute of Standards and Technology gave a challenge to work on hash called SHA-3, outcome were really phenomenal, lot of algorithms are available today with better functionality.

1.1 USES:

 Hash function is used for number of applications, not only for the cryptography. It also includes practical applications such as authentication, digital signature, message integrity check, cryptocurrency, data corruption and various other application.

 

2. MD5 HASH FUNCTION 

MD5 is one of the generally utilized hashing algorithm created by Ronald Rivest in 1991. MD5 is a successor of MD4. MD-5 is broken due to crashes, yet not in respect of pre-image or second pre-image. It produces 128 bits, a settled length hash value. In 1996 attacks on MD-5 were distributed.

2.1 MD5 ALGORITHM:

The following procedure shows the working of MD5 algorithm: 

1. Generate message digest.
2. Append message digest to plain text.
3. Send to receiver.
4. Receiver will again generate message digest.
5. Generated message digest and appended message digest 4 & 1 will be compared.

 If both message digest are same means, there is no modification done during the transmission. Plain text is processed in 512 bit & blocks. If the length is less than 512 some padding bits are to be appended.

Following shows the process for hashing:

1. Append padding bits.
2.  Append 64-bit representation of plain text.

Now plain text length = multiples of 512 bits

3. Initialize the MD buffer (use to store the o/p of each buffer is of size 32 bits)

Output of message digest = 128 bits

Buffer required = 4 buffers (A, B, C, D).

4. Process each of 512 bits.
5. Output (message digest in buffers).

2.2 EXPLANATION OF ABOVE 5 STEPS:

Consider 4 buffers. Each block is processed in rounds. After completion of 4^th round, addition modules to the o/p of buffers is applied. 1-16 constants will be used in first round, which means, this round consists of 16 steps. Every round consists of 16 steps, each step is going to use single one constant. So, 64 constants steps will be used. 1 step is equal to some part of plain text plus 16 constants and a logical function. At the end initial values of buffers will be added to the fourth round so that output will be message digest. And this output will act as an input for the second block.

2.3 GOOD POINTS OF MD5

• It provides fast computation.
• Latest one is collision resistance.
• Being old, it is still in widespread use
• It provides a one-way hash

2.4 BAD POINTS OF MD5

• Has known for security flaws and vulnerabilities
• Works really well but is less secure than the SHA-1 algorithm

3. SHA-1 HASH FUNCTION

SHA-1 was created by the U.S. Government’s Capstone venture. SHA-1 creates a message digest dependent on standards like those utilized by Ronald L. Rivest of MIT in the plan of the MD2, MD4 and MD5 message process calculations, yet produces a bigger hash value (160 bits versus 128 bits).

SHA-1 is regularly used to check that a file has been unaltered. This is finished by creating a checksum before the record has been transmitted, and after that again it achieves its goal. The transmitted file can be viewed as original only if the two checksums are same. SHA-1 is one of the four algorithms in the Secure Hash Algorithm (SHA) family. Most were produced by the US National Security Agency (NSA) and distributed by the National Institute of Standards and Technology (NIST).

SHA-0 has a 160-bits message process (hash value) size and was the basic version of this calculation. SHA-0 hash value are 40 digits in length. It was distributed under the name “SHA” in 1993 yet wasn’t utilized in numerous applications since it was immediately replaced with SHA-1 in 1995 because of a security flaw.

3.1 HOW IT WORKS:

One real world application where SHA-1 might be utilized is when a person uses secret password into a site’s login page. Despite the fact that it happens out of sight without one’s knowledge, it might be the technique a site uses to safely confirm that the secret password is genuine. In this, suppose one is attempting to login to a site he/she regularly visit. Each time the site asks to sign in, which require username and secret password.

In the example, the site utilizes the SHA-1 cryptographic hash function, it implies the secret password is transformed into a checksum after entering it. So, this checksum is then compared with the checksum that was initially stored onto the website with the current password, regardless of whether one haven’t changed the secret password since he/she joined. If the two checksum matches, access is granted; if the checksum doesn’t match with each other than password with incorrect message is displayed.

Another example where the SHA-1 hash function might be utilized is for document verification. A few sites will give the SHA-1 checksum of the document on the download page so when the document is downloaded, one can check the checksum to guarantee that the downloaded document is equivalent to the one he/she planned to download. But where is the genuine use of this kind of encryption.

Let us consider a situation where we know the SHA-1 checksum of a document from the designer’s site, yet we need to download a similar form from an alternate site. We could then produce the SHA-1 checksum for the download and compare it. In the event that the two are unique, it not just means that the document’s content are not identifiable but rather that there could be secret malware in the document, the information could be corrupted and can cause harm to the PC documents, the record is nothing identified with the genuine record, and so forth.

Nonetheless, it could simply mean that one file may be an older version of the program than the other since even that little change will produce a different checksum value.

• Longer hash value compared with MD5
• Collision resistant
• Is in widespread use
• It provides a one-way hash
  3.  BAD POINTS OF SHA-1

• Slower computation comparing MD5
• Known security vulnerabilities

4. MAJOR DIFFERENCES IN MD5 AND SHA1

MD5	SHA-1
Came to existence in year 1992.	Came to existence in year 1995.
Its length is 128 bits.	Its length is 160 bits.
It is much faster than SHA-1.	It is slower than the MD5
It has 64 iteration.	It has 80 iteration.
Buffer space allocated is 128 bits.	Buffer space allocated is 160 bits.
This hash function can be easily attacked by the cryptanalytics attacks.	This hash function cannot be easily attacked by the cryptanalytics attacks.
It has 16 Rounds.	It has 20 Rounds.
It is less secure.	It is more secure.

5. SHA-3 HASH FUNCTION:

SHA-3 (Secure Hash Algorithm 3) is the most recent member from the Secure Hash Algorithm group, designed by NIST on August 5, 2015. Although part of a similar algorithm, SHA-3 is unique in relation to the MD5-like structure of SHA-1 and SHA-2. SHA-3 is a subset of the more extensive cryptographic family Keccak planned by Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche. Keccak’s creators have proposed extra uses for the function, not (yet) institutionalized by NIST, a confirmed encryption framework, a “tree” hashing plan for speedy hashing on certain architectures, AEAD ciphers Keyak and Ketje.

Keccak depends on a novel methodology called sponge construction. Sponge construction depends on a wide arbitrary function or irregular permutation, and permits input any quantity of information, and yielding any quantity of information, while going about as a pseudorandom function with respect to every single previous info. This prompt gives adaptability. NIST does not at present intend to pull back SHA-2 or expel it from the modified Secure Hash Standard. The motivation behind SHA-3 is that it tends to be straightforwardly substituted for SHA-2 in current applications if fundamental, and to essentially enhance the power of NIST’s general hash calculation toolkit.The designer of the Keccak algorithm and the SHA-3 function recommend utilizing the quicker function KangarooTwelve with balanced parameters and another tree hashing mode without additional overhead for little message sizes.

5.1  DESIGN:

SHA-3 utilizes the sponge construction, in which information is “absorbed” into the sponge, at that point the outcome is “squeezed” out. In the absorbing stage, message blocks are XORed into a subset of the state, which is then changed overall, utilizing a permutation function f. In the “squeezing” stage, O/P blocks are perused from a similar subset of the state, exchanged with the state change function f. The size of the state is composed and read and is known as the “rate” (meant r), and the part which is untouched is known as “limit” (signified c). The limit decides the security of the plan. The most extreme security level is a large portion of the capacity.

5.2 GOOD POINTS OF SHA-3:

• Fast in hardware
• Massive security margin because of high rounds.

5.3 BAD POINTS OF SHA-3:

• Slow in software
• Because of its speed attacker can try on lots of software even if salt is applied.

 

5.4 EXAMPLES OF SHA-3 VARIANTS:

SHA3-256(“”)

3338be694f50c5f338814986cdf0686453a888b84f424d792af4b9202398f392

SHA3-384(“”)

0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004

SHA3-512(“”)

a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26

Changing a single bit causes each bit in the output to change with 50% probability,

 

 

 

 

 

6. BLAKE2 HASH FUNCTION:

The cryptographic hash function BLAKE2, an enhanced version of the SHA-3, finally BLAKE enhanced the speed in programming. An enhanced BLAKE2 comes with the following properties:

• Faster than MD5 on 64-bit Intel platforms

• 32% less RAM required than BLAKE

• Minimal padding, which is quicker and faster to implement.

• Direct help, with no overhead, of

     Parallelism for very quick hashing on multicore or SIMD CPUs

     Tree hashing for update or update of huge file

     Prefix-MAC for validation that is less complex and quicker than HMAC

     Personalization for characterizing a different hash function for every application

6.1 DESCRIPTION OF BLAKE2

BLAKE2 comes in two flavors:

1. BLAKE2b (or just BLAKE2) is made for 64-bit platforms—including NEON-empowered ARMs—and creates digests of any size somewhere in the range of 1 and 64 bytes.
2.  BLAKE2s is made for 8-to 32-bit stages and creates digests of any size somewhere in the range of 1 and 32 bytes.

Both are accepted to be exceedingly secure and have great performance on any platform, also on any software or hardware. Both are compact to any CPU, but still can be as fast as when utilized on the CPU estimate for which it is upgraded; for instance, on a Tegra 2 (32-bit ARMv7-based SoC) BLAKE2s is relied upon to be about twice as quick as BLAKE2b, though on an AMD A10-5800K (64-bit, Piledriver microarchitecture), BLAKE2b is relied upon to be more than 1.5 times as quick as BLAKE2s. Since BLAKE2 is fundamentally the same as BLAKE, and initially portray the alteration presented with BLAKE2.

6.2 ROUNDS:

BLAKE2b completes 12 rounds, and BLAKE2s completes 10 rounds, against 16 and 14 individually for BLAKE. In light of the security examination performed up until now, and on sensible expectation on future advancement, it is improbable that 16 and 14 rounds are seriously more secure than 12 and 10 rounds. Review that the initial BLAKE had 14 and 10 rounds, respectively, and that the later increment was inspired by the rapid speed of BLAKE. This change provides an immediate speed of about 25% and 29%, respectively, on large information. speed on short information likewise essentially improved.

6.3 PARAMETERS:

	BLAKE2b	BLAKE2s
Bits in word	w = 64	w = 32
Rounds in F	r = 12	r = 10
Block bytes	bb = 128	bb = 64
Hash bytes	1 <= nn <= 64	1 <= nn <= 32
Key bytes	0 <= kk <= 64	0 <= kk <= 32
Input bytes	0 <= ll < 2**128	0 <= ll < 2**64
G Rotation	(R1, R2, R3, R4)	(R1, R2, R3, R4)
constants =	(32, 24, 16, 63)	(16, 12, 8, 7)

 

• 1.3 to 1.7 times faster in software
• Best for 512-bit digest
• Lower round count but still retain the expected security
• Blake2b superior choice for password based key derivation function.

 

7. TIGER HASH FUNCTION:

This hash function was designed in 1995 by ROSS ANDERSON and ELI BIHAM particularly for 64-bit platforms. The tiger hash value consists of 192 bits. Other truncated versions of the tiger hash functions are Tiger/128 and Tiger/160. These versions can be used with protocols demanding a particular hash size. The digest size are as follows 192,128,160 and there are 24 rounds in this algorithm. Tiger 2 variant is a variant where a byte is first appended to the hexadecimal value of =0X80, just like in MD5, MD4 and 0X01. Otherwise the two variants are perfectly identical.

7.1 ALGORITHM:

Merkle-Damgard paradigm is used for producing Tiger hash function. Also known as one-way compression function. This operates on 64-bit value. It keeps 3 words of state and process 8 word of data. Combinations used for 24 rounds are:

     XOR operation

     Addition/Subtraction

     S-box lookup

     Intricate key scheduling algorithm.

This hash function works really fast in software but implementing it in hardware (physical devices) is often difficult.

USAGE:

It is often referred as TTH i.e. Tiger tree hash which is quite used in Merkle hash tree. Also used by direct connect, BitTorrent and Gnutella for great content.

EXAMPLE:

 

8. COMPARISON TABLE:

8.1 TABLE-1: CYCLES PER BYTE ON INTEL CORE I5

Function		cycle per byte
	Long msg	4096 B	64B
MD-5	5.0	5.2	13.1
SHA-1	4.7	4.8	13.1
SHA-3	8.2	8.5	26.0
BLAKE2	3.5	3.5	9.3

8.2 TABLE: CHARACTERISTICS COMPARISON

ALGORITHM	OUTPUT SIZE	INTERNAL STATE SIZE	BLOCK SIZE	LENGTH SIZE	ROUNDS	WORDS
BLAKE2B	512	1024	512	–	12	64
BLAKE2S	256	512	256	–	10	32
MD5	128	128	128	64	64	32
SHA-1	160	160	512	64	80	32
SHA-3	224/256/384/512	1600	1600-2*BITS	128	24	64
TIGER (2)-192/160/128	192/160/128	192	512	64	24	64

9. CONCLUSION

In this report, description of cryptographic hash function has been briefly explained. How different hash algorithm came in existence when attacks on such algorithms became common. Every algorithm has some good points and some bad points. Gathering all the bits and pieces I would suggest using BLAKE2 hash function for the data-oriented company. As it is an enhanced version of SHA3 hash function and considerably faster than MD5. It is also available for 32- and 64-bit platforms. It is considerably faster in both software and hardware. Also, it is resistant to collision attack which MD5 is not. Though there are some hypothetical claims that cryptographic hash functions lands into accidental collision. Hence it is just hypothetical only. Because in the long term it hasn’t happened to RIPEMD, SHA-256, TIGER. So, it cannot be said that BLAKE2 will have intentional collision as it is lot stronger than above mentioned hash functions.

10.  REFERENCES:

 

1. Moffat, D. J., & Hughes, J. P. (2012). U.S. Patent No. 8,218,759. Washington, DC: U.S. Patent and Trademark Office.
2. Cryptographic hash function. (2019). Retrieved from https://simple.wikipedia.org/wiki/Cryptographic_hash_function.
3. Wang, X., & Yu, H. (2005, May). How to break MD5 and other hash functions. In Annual international conference on the theory and applications of cryptographic techniques (pp. 19-35). Springer, Berlin, Heidelberg.
4. Deepakumara, J., Heys, H. M., & Venkatesan, R. (2001). FPGA implementation of MD5 hash algorithm. In Electrical and Computer Engineering, 2001. Canadian Conference on (Vol. 2, pp. 919-924). IEEE.
5. Eastlake 3rd, D., & Jones, P. (2001). US secure hash algorithm 1 (SHA1) (No. RFC 3174).
6. Bauspiess, F., & Damm, F. (1992). Requirements for cryptographic hash functions. Computers & Security, 11(5), 427-437. doi: 10.1016/0167-4048(92)90007-e.
7. SHA-1. (2019). Retrieved from https://en.wikipedia.org/wiki/SHA-1
8. Sonh, S. (2012). A Study on Area-Efficient Design of Unified MD5 and HAS-160 Hash Algorithms. The Journal of The Korean Institute of Information and Communication Engineering, 16(5), 1015-1022. doi: 10.6109/jkiice.2012.16.5.1015
9. PHP | md5(), sha1(), hash () Functions – GeeksforGeeks. (2019). Retrieved from https://www.geeksforgeeks.org/php-md5-sha1-hash-functions/
10. Constantin, L. (2019). The SHA1 hash function is now completely unsafe. Retrieved from https://www.computerworld.com/article/3173616/security/the-sha1-hash-function-is-now-completely-unsafe.html
11. SHA-3. (2019). Retrieved from https://en.wikipedia.org/wiki/SHA-3
12. SHA3-256 Online. (2019). Retrieved from https://emn178.github.io/online-tools/sha3_256.html
13. Nakov, S. (2019). Hash Functions · Practical Cryptography for Developers. Retrieved from https://cryptobook.nakov.com/cryptographic-hash-functions.html
14. function? W. (2019). Why is SHA-3 a Sponge function? Retrieved from https://crypto.stackexchange.com/questions/56346/why-is-sha-3-a-sponge-function
15. What is the Difference Between SHA-1, SHA-2 and SHA-256? (2019). Retrieved from https://www.thesslstore.com/blog/difference-sha-1-sha-2-sha-256-hash-algorithms/
16. (2019). Retrieved from http://www.ijircce.com/upload/2015/sacaim/30_212.pdf
17. Newman, L., Lapowsky, I., Newman, L., Wright, R., Barrett, B., & Graff, G. (2019). A Super-Common Crypto Tool Turns Out to Be Super-Insecure. Retrieved from https://www.wired.com/2017/02/common-cryptographic-tool-turns-majorly-insecure/
18. Grimes, R. (2019). All you need to know about the move from SHA1 to SHA2 encryption. Retrieved from https://www.csoonline.com/article/2879073/encryption/all-you-need-to-know-about-the-move-from-sha1-to-sha2-encryption.html
19. BLAKE2. (2019). Retrieved from https://blake2.net/
20. BLAKE2? W., & Frame, R. (2019). What advantages does Keccak/SHA-3 have over BLAKE2? Retrieved from https://crypto.stackexchange.com/questions/31674/what-advantages-does-keccak-sha-3-have-over-blake2
21. BLAKE (hash function). (2019). Retrieved from https://en.wikipedia.org/wiki/BLAKE_(hash_function)
22. Aumasson, J. (2019). Why Replace SHA-1 with BLAKE2? Retrieved from https://research.kudelskisecurity.com/2017/03/06/why-replace-sha-1-with-blake2/
23. (2019). Retrieved from https://eprint.iacr.org/2013/322.pdf
24. Tiger (hash function). (2019). Retrieved from https://en.wikipedia.org/wiki/Tiger_(hash_function)
25. (2019). Retrieved from https://www.esat.kuleuven.be/cosic/publications/article-1138.pdf
26. (2019). Retrieved from https://www.researchgate.net/publication/221327094_Cryptanalysis_of_the_Tiger_Hash_Function
27. (2019). Retrieved from https://www.cl.cam.ac.uk/~rja14/Papers/tiger.pdf