You must have noticed WhatsApp's “your message is encrypted” message. Have you ever wondered what that means and how it is achieved? Encryption means the security and privacy of messages you send, obtained by cryptography.

This article will discuss what iterated hash functions in cryptography are. We will also learn how iterated hash functions are created to provide authentication of messages.

About Cryptography

cryptography is a concept or method that emerged to provide authenticity while transferring data. When everything is available on the internet in just one click, it is essential to differentiate between real and fake information or data.

Cryptography is similar to the Navajo code used by the military. They have symbols for every letter and word that can be used only if both personnel know the language. Similarly, in cryptography, we use an algorithm common to both sides to develop a message that cannot be read or understood without decoding.

As you can observe, we use an encryption algorithm to develop a cipher text by combining a code and a message. We use a decryption algorithm on the receiver end to decode the cipher text into a message. This enables us to achieve authenticity.

Anyone who knows the Navajo code can understand, decode the message and understand the information being transferred inside the army. Similarly, anyone with the decryption algorithm can decrypt the shared message document. Thus we use keys.

Keys are used with the encryptor and decryptor, as seen in the image above. Only the sender and receiver of the message are on the key. The message transferred cannot be encrypted or decrypted if the key is not used. It is like we have installed a lock on the message, and anyone with the key can only access it. This key can be public or private. This enables us to achieve confidentiality.

There are several ways to authenticate messages in cryptography. Three main ways are

Message encryption.

Message authentication code.

Hash functions.

In this article, we will discuss hash functions in cryptography which is the most widely used.

Hash Functions

Hash functions in cryptography are used to create authentic and confidential messages.

Hash Functions in cryptography generate a code to check the message's authenticity. In layman's language, we say that any document is hashed (passes through a hash function) to develop a hash value(code) using a hash function in cryptography.

The hash value is also called a message digest.

As discussed in the previous section, we require a message, keys, and function in general to perform any type of authentication. Hash functions are a bit different.

Working of Hash Functions

The hash function, message, and hash code work together to provide authentication.

H(M)= fixed length code (hash code h)

Where “H” is the hash function,

“M” is the message,

“h” is the hash value or code(message digest).

Quick guide:

The message goes through a hash function.

The function creates a hash code “h.”

The hash code and messages are combined.

We again use a hash function when the message is received to generate a hash code.

If it matches the received hash code, the message is authentic.

We might use encryption and decryption with or without keys to developing confidentiality and security.

A pictorial representation of this operation is given below.

As you can decipher by now, we need a function to create a hash code for the message for authentication.

Properties of Hash Functions

A few essential properties of hash functions are as follows:

Hash functions can take a message input of any length.

The output of the hash function is always fixed-sized.

Preimage resistance - you cannot infer the input with the help of output.

Second preimage resistance - a hash code can only represent one message input.

Collision resistance - two messages cannot be represented by the same hash code.

Now that you have understood the concept of hash functions, let's learn what iterated hash functions are.

Iterated hash functions convert a significant infinite message input into a small finite output. This is done using a compression function.

Compress functions are functions that work with a large finite set to a small finite s.et

As the name suggests, the iterated hash function is repeated input compression into hashed outputs until we get the result.

H: {X}-->{Y}

Where X is an infinitely long message input,

Y is fixed-length output,

H is an iterated hash function.

As you can observe in the image above, we divide the infinite message output into parts and apply the compression function repeatedly. We thus obtain a hash code for the message input in the end.

The Goal of Iterated Hash Functions

The compression function operates on a finite message input to give a fixed-length output. But how do we create hash code(fixed-length output) when we have an infinite message input? This is where the concept of iterated hash functions comes in.

The goal of the iterated hash function is:

To create hash code for a huge message input.

To ensure the security of iterated hash functions.

To ensure all the properties of hash functions are inherited by iterated hash functions.

Procedure

To build an iterated hash function, we follow a three-step process. We will discuss each one of them in detail in this section.

Preprocessing Step

We must divide a large message input into parts to perform an iterated hash function. A pictorial representation of the preprocessing step is given below.

As you can observe, we have divided a message into parts of length “t” for the compression function to operate on each one of them.

Processing Step

In this step, we iterate or repeatedly apply compression functions on the parts of messages to obtain fixed-length outputs. A pictorial representation of the processing step is given below.

Quick guide:

The compression function “f” operates on “M1” and gives “Ho.”

“Ho” is called the initial vector or initial output.

The compression function “f” operates on “M2” and “Ho” to give “H1”.

The compression function “f” operates on “M3” and “H1” to give “H2”.

This repeated till “Mt.”

The compression function “f” operates on “Mt” and “Ht-1” to give “Ht.”

“Ht” is the hash code or value of the iterated hash function.

Output Transformation

This step is optional while working on iterated hash functions. We can skip this step if we have obtained the final hash code. A pictorial representation of the output transformation step is given below.

As shown in the image above, we have assumed a separate fixed-length message input “g.” Then a hash function operates on the “g” to give a hash code. This will be the initial large message input's final hash code or value.

Merkle Damgard Construction

The technique to successfully build an iterated hash function is called the Merkle Damgard Construction. This ensures the security of iterated hash functions. It also provides that iterated hash functions inherit all the properties of hash functions.

It follows the basic steps as discussed above with a little difference.

This construction can be explained in simple steps, as discussed below.

Divide the message input into parts.

Adding pod, which is an extension to the message. This ensures the proper division of the message input into equal parts.

Then the compression function “f” operates on “M1” and gives “Ho.”

“Ho” is called the initial vector or initial output.

The compression function “f” operates on “M2” and “Ho” to give “H1”.

The compression function “f” operates on “M3” and “H1” to give “H2”.

This repeated till “Mt.”

The compression function “f” operates on “Mt” and “Ht-1” to give “Ht.”

“Ht” is the hash code or value of the iterated hash function.

Applications

There are three significant applications of iterated hash functions in cryptography.

Password storage We can store the password in the usual way we generally do. But when storing crucial and confidential information, we need secure passwords. In such a case, we can store all the passwords in a file and generate a hash value to keep all our passwords secure.

Data integrity Data integrity refers to checking if the data is real or not. We also check if the received data matches the original data. We will learn about this in detail in the next section.

Security The iterated hash function ensures the security of messages transferred by inheriting all the properties for the security of hash functions, such as collision resistance.

Now it's time to discuss some FAQs

Frequently Asked Questions

What type of cryptography is applied during authentication?

The Wide-Mouth Frog algorithm is a technique that uses symmetric cryptography to carry out key exchange and authentication. It employs an arbitrated protocol in which one party sends the trusted third party a message encrypted with the key on its behalf.

Why should we update the keys regularly?

There is a need to do so because of security reasons. Previously used keys can be less secure. Therefore they can be determined by unauthorised users easily.

What is a blind signature scheme?

This digital signature hides the message's content before it is signed. This is used when the message author and the signer are different parties. Blind signature schemes can be implemented using RSA and DSA.

What are the four underlying tenets of Encryption?

Data Integrity, Authentication, Non-repudiation, and Confidentiality are the central tenets of modern cryptography.

What distinguishes RSA from DSA?

While DSA is slower at verifying, it is faster at signing. DSA employs 1024 bits and it stands for Digital signature algorithm. Whereas RSA stands for Rivest–Shamir–Adleman algorithm which can handle 2048 bits or more. DSA can only be used for Encryption, whereas RSA can be used for Encryption and authentication.

Conclusion

In this article, we discussed what cryptography is and how hash functions work to provide authenticity. We learned what iterated hash functions are and how to create them. We also discussed the application of iterated hash functions.

We hope this blog has helped you enhance your knowledge of Signing and Encrypting in Cryptography. Do not stop learning! We recommend you read some of our Cryptography articles: