Question

Every developer is focused on transmitting data securely. Hashing and hash functions are essential for securing business information and data. While the term cryptographic hash function may sound intimidating, it’s much simpler than it sounds. For this assignment, expand on the information provided in the course and fully address the items below.

Write a 2- to 3-page paper in which you:

• Define cryptographic hash function (CHF).
• Elaborate on the main properties and definitions of an ideal cryptographic hash function.
• Propose 2 business applications or uses for a cryptographic hash function (e.g., password verification) and include a description of how it is used.
• Reference and citation

Format your paper according to APA guidelines.

Answer 1

Define cryptographic hash function (CHF).

A cryptographic hash function (CHF) is a mathematical algorithm that maps data of arbitrary size (often called the "message") to a bit array of a fixed size (the "hash value", "hash", or "message digest"). It is a one-way function, that is, a function which is practically infeasible to invert. Ideally, the only way to find a message that produces a given hash is to attempt a brute-force search of possible inputs to see if they produce a match, or use a rainbow table of matched hashes. Cryptographic hash functions are a basic tool of modern cryptography.

Elaborate on the main properties and definitions of an ideal cryptographic hash function.

The ideal cryptographic hash function has the following main properties:

• it is deterministic, meaning that the same message always results in the same hash
• it is quick to compute the hash value for any given message
• it is infeasible to generate a message that yields a given hash value (i.e. to reverse the process that generated the given hash value)
• it is infeasible to find two different messages with the same hash value
• a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value (avalanche effect).

Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information-security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, or just hash values, even though all these terms stand for more general functions with rather different properties and purposes.

A cryptographic hash function must be able to withstand all known types of cryptanalytic attack. In theoretical cryptography, the security level of a cryptographic hash function has been defined using the following properties:

• Pre-image resistance

  Given a hash value h it should be difficult to find any message m such that h = hash(m). This concept is related to that of a one-way function. Functions that lack this property are vulnerable to preimage attacks.

• Second pre-image resistance

  Given an input m₁, it should be difficult to find a different input m₂ such that hash(m₁) = hash(m₂). This property is sometimes referred to as weak collision resistance. Functions that lack this property are vulnerable to second-preimage attacks.

• Collision resistance

  It should be difficult to find two different messages m₁ and m₂ such that hash(m₁) = hash(m₂). Such a pair is called a cryptographic hash collision. This property is sometimes referred to as strong collision resistance. It requires a hash value at least twice as long as that required for pre-image resistance; otherwise collisions may be found by a birthday attack.

Propose 2 business applications or uses for a cryptographic hash function (e.g., password verification) and include a description of how it is used.

• Authenticate Users of Computer Systems- Hash functions may be used to authenticate the users at the time of login. The passwords are stored in the form of message digest to avoid access of the same even to Database Administrators (because of Pre-Image resistance ofHash digest). Whenever user tries to login and enter the password, the message digest of the entered password is computed and compared with the digest stored in the database. If it matches, then login is successful, otherwise user is not authenticated.

• Digital Time Stamping - Majority of text, audio and video documents are available in digital format and a number of simple techniques and tools are available to change digital documents. So some sort of mechanism is required to certify when such a document was created or last modified. Digital timestamp solve the purpose and provide a temporal authentication Rompay in his thesis work has suggested the multiple ways like simple scheme based on trusted third party, scheme that links timestamps into temporal chain and theotherone that make use of Merkle Tree. Rompay highlighted that Digital time stamp helps in protecting intellectual property rights, ensuring strong auditing procedures and implementing true non-repudiation services. Before , Haber and Stornetta has also detailed how One way hash functions and digital signatures can be used to implement the digital time stamping.

Note: Plzzz don' t give dislike.....Plzzz comment if u have any problem i will try to resolve it.......