Security of Cryptographic Hash Functions Assignment

Assignment Task

For any finite alphabet A (finite set of symbols), A* denotes the set of finite strings (or finite words) on A. Note that A* includes the empty string, denoted ɛ.

1. A hash function is used to transform a text, binary string or number into a fixed-length hash value (for instance a fixed-length binary string). Hash functions are typically not injective functions. We then call hash collision a pair of entries with the same hash value. This represents a security threat. Suppose for instance that we store a data base of users identified using a 5 digits user number and a 4 digit code. Any legal entry to a service, say for instance a related website, will be granted based on a 9 digits number (user number and code). Instead of storing the user numbers and related codes in the database, we decide to store only a hash value of these 9-digit numbers coded on 16 binary digits. Then, the access to the website is granted if the hash value of the 9-digit input corresponds to a valid hash value. In addition, the system allows only to try one combination (user number + code) from a single IP address every 10 seconds to prevent a malicious agent from using a brute force approach. We denote by C the set of all 9-digit numbers and by H = {0, 1}16 the set of all possible 16 digit binary strings.

(a) [(K,M,P,E)=(1,0,1,1)]
Give a brief justification that |C|= 109 and H = 216.

(b) [(K,M,P,E)=(1,1,1,1)]

When choosing the possible user numbers and corresponding codes, we ensure that two different entries in the database correspond to different hash values (no collision) to be able to identify the user based on the hash value only. Justify that, if there are 65537 users or more, then it is not possible to uniquely identify them based on the hash value.

(c) One of the most naive hash function will transform a 9 digit number into the sum of digits coded as a 16 binary digit string.

(i) [(K,M,P,E)=(0,1,0,1)]

How many possible values do we have for the related hash values? Does it sound reasonable?

(ii) [(K,M,P,E)=(0,1,0,1)]

Justify that, for this hash function, it is easy to enumerate a list of possible entries with different hash values, and consequently, to find a pre-image for each possible hash value.

(d) [(K,M,P,E)=(1,1,1,0)]

Another hash value we can consider maps a 9-digit number a1...ag to ia: first digit is multiplied by 1, the second by two, the third by 3... and then all results are summed. What is the maximum hash value H for this hash function? Briefly comment about the suitability of this hash function for our problem.

(e) [(K,M,P,E)=(1,2,1,1)]

Suppose now that we are able to find a surjective hash function f from C to H as well as a process to enumerate one pre-image for each possible hash value. If the database

This IT and Computer Science has been solved by our PHD Experts at My Uni Paper.