SlideShare a Scribd company logo

Message authentication with md5

Download as PPTX, PDF
志璿 楊

This document discusses message authentication with MD5. It provides an overview of how MD5 works as a hash function and describes how it can be used to generate a message authentication code (MAC). It notes that MD5 was an attempt to reduce overhead compared to DES-based MACs. However, it also describes an extension attack that allows modifying messages while reusing the original MAC. The document considers replacing MD5 with AES to address this issue and provides thoughts on using MD5 for per-message authentication despite its age.

Internet
Related topics:
Information Security
1 of 24
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Message Authentication with MD5 組員:張安邦、楊志璿
Outline 1. MD5 2. MAC 3. Author recommendations 4. Extension attack 5. Our idea
Note ● All sudo code in Lua ○ .. means concat ○ Because Lua needs more love
MD5 ● How MD5 works? ● reference : https://www.slideshare.net/sahilkureel/md5-algorithm
MD5 ● message-digest 5 ● A hash function ● 128 bit
MD5 1. Pad the message so #msg%56 == 0 a. A 1 bit is first appended, then 0s
MD5 2. Append the B value (4 bytes) to the end. So the the message is now a multiple of 64 bytes
MD5 3. The a, b, c, d parameters are initalized to the following values
MD5 4. Do some computing
MD5 5. The a, b, c, d variables ended up is the hash value
TL;DR ● Attempts to reduce overhead of MAC based on DES ○ DES is designed for hardware ○ Slow on software ● Use fast software hash functions ○ MD5
MAC - Message Authentication Code ● Given a message, it is difficult to compute the auth code without the secret key. ● Both sender and resever have key K. ● A message is send to the reseiver along with the MAC ● Receiver computes the MAC himself and check is they are the same ○ Checksum for messages keys
MAC - Message Authentication Code src: wiki
MAC - Message Authentication Code
K1 and K2 are two indipendent 128-bit values Paper perposal
Paper perposal Where p is a 348-bit padding and k is a 128-bit key
Paper perposal Where k is a 128-bit key
Extension attack For Hash(m1), we know m1.length() and Hash(m1) We can calculate Hash(m1 ‖ m2) for any attacker-controlled m2 without needing to know the content of m1
Extension attack Original Data: count=10&lat=37.351&user_id=1&long=-119.827&waffle=eggo Original Signature: 6d5f807e23db210bc254a28be2d6759a0f5f5d99 Key length is 14 bytes Desired New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggo&waffle=liege
Extension attack Desired New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggo&waffle=liege New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggox80x00x00x00x00x00x00x00x00x00x00x00x0 0x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00 x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x0 0x00x00x00x00x00x00x00x00x02x28&waffle=liege New Signature: 0e41270260895979317fff3898ab85668953aaa2
Extension attack Because MD5 is an iterative function
Authors thoughts ● AES can be used intead of MD5 ● More secure with the same procedure
Our thoughts ● Anthough MD5 is old and shouldn’t be used ● Brute forcing a 128bit key still takes forever ○ A single RTX 2080Ti can do 21.6 GH/s ○ 35794002499.47684 times the age of univers to solve ○ Numbers from hashcat ● No too bad for per message auth
Our thoughts ● Attempts to reduce overhead of MAC based on DES ○ DES is not that slow ● Use fast software hash functions ○ Modern x86/ARM have AES instructions ○ Faster hash rate than MD5 ○ Use AES when possible

More Related Content

PPTX
MD5
rokham khawaja
 
PDF
MD-5 : Algorithm
Sahil Kureel
 
PPTX
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
PPTX
Basic explanation to md5 implementation in C
Sourav Punoriyar
 
PPTX
Cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
PPT
Secure hashing algorithm
Karteek Paruchuri
 
PPT
Hash Function & Analysis
Pawandeep Kaur
 
PPTX
Hash Techniques in Cryptography
Basudev Saha
 
MD5
rokham khawaja
 
MD-5 : Algorithm
Sahil Kureel
 
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
Basic explanation to md5 implementation in C
Sourav Punoriyar
 
Cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
Secure hashing algorithm
Karteek Paruchuri
 
Hash Function & Analysis
Pawandeep Kaur
 
Hash Techniques in Cryptography
Basudev Saha
 

What's hot (20)

PPT
MD5Algorithm
Mirza Tarannum
 
PPTX
Cryptography Ashik
Ashik Iqbal
 
PDF
Hashing Algorithm: MD5
ijsrd.com
 
PPTX
Information and data security cryptographic hash functions
Mazin Alwaaly
 
PPT
Hash crypto
Harry Potter
 
PPTX
Hash function
Harry Potter
 
PDF
The MD5 hashing algorithm
Bob Landstrom
 
PDF
A technical writing on cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
PPTX
Secure Hashing Techniques - Introduction
Udhayyagethan Mano
 
PPTX
Message digest 5
Tirthika Bandi
 
PDF
A Comparative Analysis between SHA and MD5 algorithms
Er Piyush Gupta IN ⊞⌘
 
PPTX
Hash Function
Siddharth Srivastava
 
PPT
Hash& mac algorithms
Harry Potter
 
PPTX
Cryptographic Hashing Functions
Yusuf Uzun
 
PDF
Md5
annamalai
 
PPT
Message Authentication Code & HMAC
Krishna Gehlot
 
PPT
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
PPT
Ch12
Joe Christensen
 
PDF
The SHA Hashing Algorithm
Bob Landstrom
 
PPT
6.hash mac
Virendrakumar Dhotre
 
MD5Algorithm
Mirza Tarannum
 
Cryptography Ashik
Ashik Iqbal
 
Hashing Algorithm: MD5
ijsrd.com
 
Information and data security cryptographic hash functions
Mazin Alwaaly
 
Hash crypto
Harry Potter
 
Hash function
Harry Potter
 
The MD5 hashing algorithm
Bob Landstrom
 
A technical writing on cryptographic hash function md5
Khulna University, Khulna, Bangladesh
 
Secure Hashing Techniques - Introduction
Udhayyagethan Mano
 
Message digest 5
Tirthika Bandi
 
A Comparative Analysis between SHA and MD5 algorithms
Er Piyush Gupta IN ⊞⌘
 
Hash Function
Siddharth Srivastava
 
Hash& mac algorithms
Harry Potter
 
Cryptographic Hashing Functions
Yusuf Uzun
 
Md5
annamalai
 
Message Authentication Code & HMAC
Krishna Gehlot
 
01204427-Hash_Crypto (1).ppt
GnanalakshmiV
 
Ch12
Joe Christensen
 
The SHA Hashing Algorithm
Bob Landstrom
 
6.hash mac
Virendrakumar Dhotre
 
Ad

Similar to Message authentication with md5 (20)

PPT
Message Authentication Requirement-MAC
Sou Jana
 
PPT
Information and data security cryptography and network security
Mazin Alwaaly
 
PPT
Ch11
Joe Christensen
 
PDF
Computer network system presentation pdf
prajjavalsingh2629
 
PPTX
unit4- predicate logic in artificial intelligence
thirugnanasambandham4
 
PPTX
MAC-Message Authentication Codes
DarshanPatil82
 
PPTX
Cryptography and network_security
Janani Satheshkumar
 
PPT
Message Authentication
Ram Dutt Shukla
 
PDF
Message Authentication and Hash Function.pdf
sunil sharma
 
PPT
Network Security Lec5
Federal Urdu University
 
PPT
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 
PPT
Message authentication
CAS
 
PDF
Cs8792 cns - unit iv
ArthyR3
 
PDF
Cs8792 cns - unit iv
ArthyR3
 
PPT
cryptography and network security by william stallings
HimaniP19CSE013
 
PPTX
Meessage authentication and hash functions.pptx
JohnLagman3
 
PPT
ch11.ppt
ssuser4198c4
 
PPTX
Academy PRO: Cryptography 3
Binary Studio
 
PPT
ch11.ppt
SomuPatil8
 
PDF
Cns
ArthyR3
 
Message Authentication Requirement-MAC
Sou Jana
 
Information and data security cryptography and network security
Mazin Alwaaly
 
Ch11
Joe Christensen
 
Computer network system presentation pdf
prajjavalsingh2629
 
unit4- predicate logic in artificial intelligence
thirugnanasambandham4
 
MAC-Message Authentication Codes
DarshanPatil82
 
Cryptography and network_security
Janani Satheshkumar
 
Message Authentication
Ram Dutt Shukla
 
Message Authentication and Hash Function.pdf
sunil sharma
 
Network Security Lec5
Federal Urdu University
 
Message Authentication: MAC, Hashes
Shafaan Khaliq Bhatti
 
Message authentication
CAS
 
Cs8792 cns - unit iv
ArthyR3
 
Cs8792 cns - unit iv
ArthyR3
 
cryptography and network security by william stallings
HimaniP19CSE013
 
Meessage authentication and hash functions.pptx
JohnLagman3
 
ch11.ppt
ssuser4198c4
 
Academy PRO: Cryptography 3
Binary Studio
 
ch11.ppt
SomuPatil8
 
Cns
ArthyR3
 
Ad

Recently uploaded (20)

PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
PPTX
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
PDF
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PDF
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
 
PPTX
Digital Literacy And Online Safety on internet
riksa rifqi
 
PDF
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
PPTX
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
PDF
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
PPTX
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
June-4-Sermon-Powerpoint.pptx USE THIS FOR YOUR MOTIVATION
KuyaRogie
 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
An introduction to the IFRS (ISSB) Stndards.pdf
farhankhan13694
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
Decoding a Decade: 10 Years of Applied CTI Discipline
Andreas Sfakianakis
 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
artificial intelligence overview of it and more
yafotin445
 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
Unit-3 cyber security network security of internet system
shivangisharma636228
 
Introduction to the IoT system, how the IoT system works
TinBinh
 
Digital Literacy And Online Safety on internet
riksa rifqi
 
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
522797556-Unit-2-Temperature-measurement-1-1.pptx
msar8888
 
Testing WebRTC applications at scale.pdf
Giacomo Vacca
 
Power Point - Lesson 3_2.pptx grad school presentation
JoyPPD
 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 

Message authentication with md5

  • 2. Outline 1. MD5 2. MAC 3. Author recommendations 4. Extension attack 5. Our idea
  • 3. Note ● All sudo code in Lua ○ .. means concat ○ Because Lua needs more love
  • 4. MD5 ● How MD5 works? ● reference : https://www.slideshare.net/sahilkureel/md5-algorithm
  • 5. MD5 ● message-digest 5 ● A hash function ● 128 bit
  • 6. MD5 1. Pad the message so #msg%56 == 0 a. A 1 bit is first appended, then 0s
  • 7. MD5 2. Append the B value (4 bytes) to the end. So the the message is now a multiple of 64 bytes
  • 8. MD5 3. The a, b, c, d parameters are initalized to the following values
  • 9. MD5 4. Do some computing
  • 10. MD5 5. The a, b, c, d variables ended up is the hash value
  • 11. TL;DR ● Attempts to reduce overhead of MAC based on DES ○ DES is designed for hardware ○ Slow on software ● Use fast software hash functions ○ MD5
  • 12. MAC - Message Authentication Code ● Given a message, it is difficult to compute the auth code without the secret key. ● Both sender and resever have key K. ● A message is send to the reseiver along with the MAC ● Receiver computes the MAC himself and check is they are the same ○ Checksum for messages keys
  • 13. MAC - Message Authentication Code src: wiki
  • 14. MAC - Message Authentication Code
  • 15. K1 and K2 are two indipendent 128-bit values Paper perposal
  • 16. Paper perposal Where p is a 348-bit padding and k is a 128-bit key
  • 17. Paper perposal Where k is a 128-bit key
  • 18. Extension attack For Hash(m1), we know m1.length() and Hash(m1) We can calculate Hash(m1 ‖ m2) for any attacker-controlled m2 without needing to know the content of m1
  • 19. Extension attack Original Data: count=10&lat=37.351&user_id=1&long=-119.827&waffle=eggo Original Signature: 6d5f807e23db210bc254a28be2d6759a0f5f5d99 Key length is 14 bytes Desired New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggo&waffle=liege
  • 20. Extension attack Desired New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggo&waffle=liege New Data: count=10&lat=37.351&user_id=1&long=- 119.827&waffle=eggox80x00x00x00x00x00x00x00x00x00x00x00x0 0x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00 x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x0 0x00x00x00x00x00x00x00x00x02x28&waffle=liege New Signature: 0e41270260895979317fff3898ab85668953aaa2
  • 21. Extension attack Because MD5 is an iterative function
  • 22. Authors thoughts ● AES can be used intead of MD5 ● More secure with the same procedure
  • 23. Our thoughts ● Anthough MD5 is old and shouldn’t be used ● Brute forcing a 128bit key still takes forever ○ A single RTX 2080Ti can do 21.6 GH/s ○ 35794002499.47684 times the age of univers to solve ○ Numbers from hashcat ● No too bad for per message auth
  • 24. Our thoughts ● Attempts to reduce overhead of MAC based on DES ○ DES is not that slow ● Use fast software hash functions ○ Modern x86/ARM have AES instructions ○ Faster hash rate than MD5 ○ Use AES when possible