Review Videos for Lecture 6: Hashing, Integrity (MACs), Pseudorandom Generators

• Summer 2020 notes (hashing)
• Summer 2020 notes (integrity)
• Summer 2020 notes (pseudrandom generators)
• Playlist (length: 1:04:37)

Cryptographic Hash Functions

(True/False) Given a cryptographic hash function and some x, it is hard to find x' such that H(x) = H(x')

True. This condition is an implication of collision resistance referred to as second pre-image resistance

Hash Function Applications

(True/False) The application presented relies on the one-way property of a cryptographic hash function

False. One-way doesn’t matter here since the file is public. We care about collision resistance to guarantee integrity of the file.

Integrity and Authentication

(True/False) Encryption only gives you confidentiality but not integrity or authentication.

True.

Message Authentication Codes (MACs)

(True/False) MACs ensure confidentiality and integrity

False. MACs do not ensure confidentiality.

AES-EMAC

(True/False) AES-EMAC is a secure MAC even if the k1 and k2 are identical

False. This is vulnerable to a forgery attack as Raluca explained

Authenticated Encryption

(True/False) If the MAC is over the plaintext message instead of the encrypted message, the described scheme still provides confidentiality, integrity, and authentication.

False. The MAC might leak the message violating confidentiality

Is AES-EMAC a hash function?

(True/False) AES-EMAC is a hash function if the key is kept private

False. It would no longer be a hash function since, by definition, a hash function is public

HMAC

(True/False) The underlying hash function must be collision resistant for the security of HMAC to hold

True

Pseudorandom Generators (PRGs)

(True/False) A block cipher is a type of PRG

False. A PRGs output is much longer than it’s input. Since a block cipher is a permutation its input and output sizes are the same. However, we can use a block cipher to build PRGs using block cipher modes like we’ve seen.