Steklov Institute St. Petersburg
Technische Universität München
State University St. Petersburg
Joint Advanced Student School (JASS)
Course 1: Algorithms in IT Security
St. Petersburg - Wednesday, March 30 through Saturday, April 9, 2005
One-Way Encryption and Message Authentication
In modern society the protection of the authenticity of information
has become as important as the protection of its confidentiality. This
means that there is a need for data origin authentication as well as for
verification of data integrity. Hash functions are versatile cryptographic
building blocks that are used in this context, but also in conjunction with
digital signature schemes and many other applications such as password
protection or pseudo-random numbers generation.
A hash function is an algorithm that takes inputs of arbitrary length
and returns a short string of bits, the message digest. However, for cryptographic
hash functions to be secure, additional properties are required.
For instance, it should be hard to find two distinct messages that hash
to the same value. Hash functions that depend on a secret key are called
message authentication codes (MACs).
This paper gives definitions of the basic terms of cryptographic hash
functions, following the description in [Sti02]. First, we discuss generic
attacks that can be applied to arbitrary hash functions and give a comparison
of security criteria. Second, we describe design principles of iterated
hash functions in general, and the Secure Hash Algorithm (SHA-1) in
particular. Finally we introduce message authentication codes and show
their construction from other cryptographic primitives.