Welcome to Cryptographic Hash and Integrity Protection!
This course reviews cryptographic hash functions in general and their use in the forms of hash chain and hash tree (Merkle tree). Building on hash functions, the course describes message authentication focusing on message authentication code (MAC) based on symmetric keys. We then discuss digital signatures based on asymmetric cryptography, providing security properties such as non-repudiation which were unavailable in symmetric-cryptography-based message authentication.
This course is a part of the Applied Cryptography specialization.
Cryptographic Hash Function
Cryptographic hash function is a fundamental building block in modern cryptography and is used for digital signature, message authentication, anomaly detection, pseudo-random number generator, password security, and so on. This module define cryptographic hash functions and contrast it with ordinary hash functions. It also describes the iterative structure for hash implementation to support the hash requirements.
Cryptographic Hash Function Applications
Building on the previous module defining cryptographic hash functions, this module review its uses and applications. We will first describe hash chain, which chains multiple hash functions in sequence, and apply hash chain for generating one-time passwords using a scheme called S/Key. Then, we will use hash functions to construct a binary tree and describe hash tree, also known as Merkle tree. Lastly, we will review the applications of hash function and hash tree for decentralized digital currency in the forms of cryptocurrency or bitcoins.
Message Authentication Code (MAC)
Message authentication is to protect the message integrity and to perform sender authentication. This module describes message authentication code (MAC) which is based on symmetric keys. It contrasts MAC with hash functions or general encryption/decryption techniques and quantify the brute force attack difficulty for MAC and discuss the security requirements for MAC. The module also reviews two MAC implementations in Data Authentication Algorithm (DAA) and Cipher-Based MAC (CMAC), which are based on the use of block ciphers.
Like physical signatures in paper transactions, digital signature provides sender authentication and non-repudiation. This module describes how to use public-key pair to ensure the source of the packet. Then, it describes the purpose of digital signatures and the corresponding requirements. Lastly, we review a digital signature construction, which is the basis for many digital signature implementations such as RSA signature and Digital Signature Standard (DSS).