Encryption algorithm and one-way hash function

In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption to make the encrypted information readable again (i.e. to make it unencrypted).

Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage[21].

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years[22]. Encrypting data in transit also helps to secure it as it is often difficult to physically secure all access to networks.

Encryption algorithms divided into symmetric encryption algorithms and asymmetric encryption algorithms according to feature of the key. Symmetric algorithms are a class of algorithms for cryptography that use trivially related, often identical, cryptographic keys for both decryption and encryption. Asymmetric key

algorithms unlike symmetric key algorithms, it does not require a secure initial exchange of one or more secret keys to both decryption and encryption. It is used to create a mathematically related key pair: a secret private key and a published public key. Use of these keys allows protection of the confidentiality and integrity of a message, encrypting the message using the public key, which can only be decrypted using the private key. It also allows protection of the authenticity of a message by creating a digital signature of a message using the private key, which can be verified using the public key. The features analysis of symmetric encryption algorithms and asymmetric encryption algorithms are shown as Table 2.4.

Table 2.4: The features analysis of symmetric and asymmetric encryption algorithm Encryption

Type Advantage Disadvantage

Symmetric Faster

encryption/decryption

1. Use the same key in encryption/decryption

2. Must use absolutely secure way to send key

3. Less convenient and secure in sending key

3. More convenient and secure in sending key

Slower

encryption/decryption

Hash function is any well-defined procedure or mathematical function that converts a large, possibly variable-sized amount of data into a small datum, usually a single integer that may serve as an index to an array[23]. The values returned by a hash function are called hash values, hash codes, hash sums and checksums.

One-way hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is

often called the "message", and the hash value is sometimes called the "message digest".

The ideal one-way hash function has four main or significant properties[24] : y It is easy to compute the hash value for any given message,

y It is infeasible to find a message that has a given hash,

y It is infeasible to modify a message without changing its hash, y It is infeasible to find two different messages with the same hash

One-way hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums or just hash values, even though all these terms stand for functions with rather different properties and purposes.

Most cryptographic hash functions are designed to take a string of any length as input and produce a fixed-length hash value.

A cryptographic hash function must be able to withstand all known types of cryptanalytic attack. As a minimum, it must have the following properties:

y Preimage resistance

Given a hash h it should be hard to find any message m such that h = hash (m). This concept is related to that of one-way function. Functions

that lack this property are vulnerable to preimage attacks.

y Second preimage resistance

Given an input m1 it should be hard to find another input m2 where m1≠m2

such that hash(m1) = hash(m2). This property is sometimes referred to as weak collision resistance, and functions that lack this property are vulnerable to second preimage attacks.

y Collision resistance

It should be hard to find two different messages m1 and m2 such that hash (m1) = hash (m2). Such a pair is called a cryptographic hash collision, a property which is sometimes referred to as strong collision resistance. It requires a hash value at least twice as long as that required for preimage-resistance, otherwise collisions may be found by a birthday attack.

These properties imply that a malicious adversary cannot replace or modify the input data without changing its digest. Thus, if two strings have the same digest, one can be very confident that they are identical.