Information Security Assignment 5 - Application of Hash Functions and Their Security +2016012008

Assignment topic: the application of hash functions and their security. Content requirements: (1) Give specific applications of hash functions. (2) With reference to the birthday attack, Professor Wang Xiaoyun's results on the security of MD5 in 2004 and 2005, and Google's result on the security of SHA-1 in 2017, explain the security of hash functions and the current development of secure hash functions. The answer to question 2 can draw on the first link given below. (3) Using the chosen-prefix collision in the MD5 algorithm, the MD5 message digest values of the two executable files helloworld.exe and goodbyworld.exe in the second link, and the execution results of the two files, illustrate the problems that may arise when the MD5 algorithm is used to verify software integrity.

Link 1: https://www.win.tue.nl/hashclash/

Link 2: http://www.win.tue.nl/hashclash/SoftIntCodeSign/

(1) Specific applications of hash functions

    1. Data check/file check
       A hash function serves a purpose similar to a data redundancy check, but its collision probability is much smaller than that of a simple redundancy check. Therefore, hash functions are commonly used in current cryptography to verify key data.

  The check algorithms we are familiar with include the parity check and the CRC check. These two kinds of checks can detect and correct channel errors in data transmission to a certain extent, but they cannot resist data tampering, that is, malicious destruction of data. The "digital fingerprint" property of the MD5 hash algorithm makes it the most widely used file integrity checksum algorithm at present. Many Unix systems provide commands to calculate the MD5 checksum.
    2. Digital signature
  Hash algorithms are also an important part of modern cryptosystems. Because asymmetric algorithms are slow, one-way hash functions play an important role in digital signature protocols. Digitally signing a hash value, also known as a "digital digest", is statistically equivalent to digitally signing the file itself, and such a protocol has other advantages as well.

    3. Collision constraints and limited fixed digest length
       Digital signatures use these features to improve efficiency. Asymmetric encryption algorithms are slow, so the message is first hashed and the asymmetric operation is applied only to the hash digest, thereby improving efficiency.
    4. Hash functions can be used in the generation of random numbers and the derivation of passwords, salt values, etc.
       Because a hash algorithm can guarantee uniqueness to the greatest extent, it can be used in the derivation of key data.

    5. Authentication protocol
  The following authentication protocol is also called the "challenge-authentication" mode: in the case that the transmission channel can be intercepted but cannot be tampered with, this is a simple and secure method.
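
One way such a challenge-response exchange can work, as an added example that is not part of the original post: the server sends a random nonce and the client answers with a keyed hash of it, so the secret never crosses the channel. HMAC-SHA-256, the `Server` class, `client_response` and the sample secret are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


class Server:
    """Verifier side (hypothetical class): issues one-time challenges."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._pending = set()            # challenges issued, not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # unpredictable and never reused
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._pending:   # unknown or already used: a replay
            return False
        self._pending.discard(nonce)     # each challenge is accepted once
        expected = hmac.new(self._secret, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def client_response(secret: bytes, nonce: bytes) -> bytes:
    """Prover side: shows knowledge of the secret without sending it."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def demo() -> dict:
    secret = b"constructed-shared-secret"      # sample value for this example
    server = Server(secret)
    n1 = server.challenge()
    r1 = client_response(secret, n1)
    first = server.verify(n1, r1)              # legitimate login
    replay = server.verify(n1, r1)             # eavesdropper replays the capture
    n2 = server.challenge()
    stale = server.verify(n2, r1)              # old answer to a new challenge
    n3 = server.challenge()
    wrong = server.verify(n3, client_response(b"guess", n3))  # wrong secret
    return {"first": first, "replay": replay, "stale": stale, "wrong": wrong}


if __name__ == "__main__":
    print(demo())
```

An eavesdropper who records the nonce and the response learns nothing reusable, because every login is bound to a fresh challenge.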

(2) With reference to the birthday attack, Professor Wang Xiaoyun's results on the security of MD5 in 2004 and 2005, and Google's result on the security of SHA-1 in 2017, explain the security of hash functions and the current development of secure hash functions. The answer to question 2 can draw on the first link given below.

Security of hash functions:

   The methods of attacking a hash function are the birthday attack and the modular differential attack (bit tracking method).

   A hash function is secure if it has:

          Consistency: The same input produces the same output.

          Randomness: The message digest appearance is random to prevent guessing the source message.

          Uniqueness: It is almost impossible to find two messages that produce the same message digest.

          Unidirectional: i.e. if the output is given, it is difficult to determine the input message.

    The hash value generated by a secure hash algorithm must also have enough bits.
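
The link between the birthday attack and digest length, shown as an added example (not from the original post): it finds real collisions on SHA-256 truncated to a few bits and compares the work with the birthday bound of about sqrt(pi/2 * 2^n) hashes. The truncation and all function names are constructed for this illustration.

```python
import hashlib
import math


def truncated_digest(msg: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256(msg), standing in for a short hash."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - bits)


def birthday_collision(bits: int):
    """Hash distinct messages until two share a digest.

    Returns (first message, second message, number of hashes computed).
    """
    seen = {}                          # digest -> message that produced it
    counter = 0
    while True:
        msg = b"msg-%d" % counter      # constructed, pairwise distinct inputs
        d = truncated_digest(msg, bits)
        if d in seen:
            return seen[d], msg, counter + 1
        seen[d] = msg
        counter += 1


def expected_trials(bits: int) -> float:
    """Birthday bound: about sqrt(pi/2 * 2^bits) hashes until a collision."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def demo():
    """Collide 16-, 24- and 32-bit digests; return (bits, trials, bound)."""
    rows = []
    for bits in (16, 24, 32):
        a, b, trials = birthday_collision(bits)
        assert a != b
        assert truncated_digest(a, bits) == truncated_digest(b, bits)
        rows.append((bits, trials, round(expected_trials(bits))))
    return rows


if __name__ == "__main__":
    for bits, trials, bound in demo():
        print(f"{bits}-bit digest: collision after {trials} hashes (bound ~{bound})")
    for name, bits in (("MD5", 128), ("SHA-1", 160), ("SHA-256", 256)):
        print(f"{name}: generic collision cost ~2^{math.log2(expected_trials(bits)):.1f}")
```

Every extra 2 bits of digest doubles the generic collision cost, which is why a 128-bit digest gives only about 64 bits of collision resistance even before structural attacks such as those on MD5 and SHA-1 are considered.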

The current development of secure hash functions:

    1. At present, SHA-3 has appeared, but SHA-2 is still used. The primary reason why the world has not migrated to SHA-3 is that there is hardly any software or hardware in the world that currently supports the algorithm.

    2. Grover's algorithm and Shor's algorithm are quantum computing algorithms that can decipher today's widely used ciphers. Shor's algorithm is a quantum computer algorithm for solving discrete logarithm problems. It can break the RSA, DSA and ECDSA ciphers. Grover's algorithm is not as effective as Shor's algorithm: its effect is equivalent to halving the key length of the cipher. Attacks using Grover's algorithm can be resisted by lengthening the key.
    It is worth noting that foreign quantum computers are developing rapidly, and well-known companies such as Google have put quantum computers into use to improve the efficiency of information search and to research quantum artificial intelligence. Today's quantum computers are not yet strong enough to break existing ciphers by executing Shor's algorithm or Grover's algorithm.

    3. MD5 and SHA-1 are the most widely used hash algorithms, and both are designed based on MD4. MD4 (RFC 1320) was designed by Ronald L. Rivest of MIT in 1990. MD is the abbreviation of Message Digest. It is suitable for high-speed software implementation on processors with a 32-bit word length, because it is based on bit manipulation of 32-bit operands.

(3) Using the chosen-prefix collision in the MD5 algorithm, the MD5 message digest values of the two executable files helloworld.exe and goodbyworld.exe in the second link, and the execution results of the two files, illustrate the problems that may arise when the MD5 algorithm is used to verify software integrity.

    MD5 (Message-Digest Algorithm 5) is a hash function widely used in the field of computer security to provide message integrity protection.

Application of MD5 algorithm:

 Consistency verification:

    A typical application of MD5 is to generate a message digest for a piece of information (a message) to prevent tampering. For example, many software packages under Unix are accompanied, when downloaded, by a file with the same file name and the extension .md5. This file usually contains only one line of text, with the following general structure: MD5 (tanajiya.tar.gz) = 38b8c2c1093dd0fec383a9d9ac940515, which is the digital signature of the tanajiya.tar.gz file.

    Digital signature:

   A typical application of MD5 is to generate a fingerprint for a message (byte string) to prevent "tampering".

   Secure access authentication.

   Therefore, the following situations may occur when the MD5 algorithm is used to verify the integrity of software:

    1. Two programs in different formats have the same MD5 value;

    2. If security software does not take double-signature verification into account after a system upgrade, it is very likely to accept the forged signature of such a malicious sample as valid, by logic similar to that used for a "normal" file.
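
A verifier for the `.md5`-style line format shown above, as an added example that is not from the original post: it parses `ALGO (filename) = digest` lines and reports an MD5 or SHA-1 match separately, because a matching digest under a collision-broken algorithm cannot tell two colliding files apart. The function names, the result strings and the sample bytes are assumptions of this sketch.

```python
import hashlib
import hmac
import re

LINE_RE = re.compile(r"^(MD5|SHA1|SHA256|SHA512) \((.+)\) = ([0-9a-fA-F]+)$")
COLLISION_BROKEN = {"MD5", "SHA1"}   # practical collisions are public for both


def parse_checksum_line(line: str):
    """Parse 'ALGO (filename) = hexdigest' into (algo, filename, digest)."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("not a BSD-style checksum line")
    algo, name, hexdigest = m.groups()
    if len(hexdigest) != hashlib.new(algo.lower()).digest_size * 2:
        raise ValueError("digest length does not match " + algo)
    return algo, name, hexdigest.lower()


def verify(line: str, name: str, data: bytes) -> str:
    """Return 'match', 'match-weak', 'mismatch' or 'wrong-file'."""
    algo, listed_name, expected = parse_checksum_line(line)
    if listed_name != name:
        return "wrong-file"           # checksum belongs to another download
    actual = hashlib.new(algo.lower(), data).hexdigest()
    if not hmac.compare_digest(actual, expected):
        return "mismatch"
    # Equal MD5/SHA-1 digests do not prove the bytes are the intended ones.
    return "match-weak" if algo in COLLISION_BROKEN else "match"


def demo() -> dict:
    data = b"constructed sample archive bytes"   # sample input for this example
    md5_line = "MD5 (sample.tar.gz) = " + hashlib.md5(data).hexdigest()
    sha_line = "SHA256 (sample.tar.gz) = " + hashlib.sha256(data).hexdigest()
    return {
        "md5": verify(md5_line, "sample.tar.gz", data),
        "sha256": verify(sha_line, "sample.tar.gz", data),
        "tampered": verify(sha_line, "sample.tar.gz", data + b"!"),
    }


if __name__ == "__main__":
    print(demo())
```

A release process that treats `match-weak` as a failure forces publishers to ship a SHA-256 (or stronger) digest alongside or instead of the `.md5` file.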
