ok so we will talk about cryptographic hash
function how the hash function is used in
cryptography and what should be the desirable
property of such function we should have in
order to in in in the domain of cryptography
so for that we need to know how we can use
this hash function so basically ah in in cryptography
we use the hash function to ah reduce the
size of the messages if if because size message
size could be big any arbitrary length ok
so this is a big message so the idea is to
reduce to a fixed size say l bits so thats
y we use the hash function so hash function
is basically should able to ah to take ah
any arbitrary length and it should give us
the fixed bit plaintext which is called hash
digest ok so that is the thing so now ah so
before knowing the what should be the property
this hash function should have for cryptographic
slides so before that we need to know the
what are the uses of this has[h]- hash function
in cryptography then we can decide the what
the property should our hash function have
so basically hash function is used for authentication
purpose
so suppose we have two parties alice and bob
ok so this is this could be say first use
so use of hash function uses of hash function
hash function in cryptography so this is ok
alice and bob they are they are in a symmetric
key setup say so they have a common key k
symmetric key and they want to ah they want
to authenticate so alice is having a message
a big message m which alice wants to send
to bob and bob has to ensure that the message
is really coming from alice so that is what
is the authentication so what alice will do
so alice will first apply the ah m on on this
so alice will first apply the hash function
on this message sorry h and get the h of m
and then alice will concatenate this message
along with this h of m and then alice will
encrypt this using the key so this is a symmetric
key encryption it could be a block cipher
or stream cipher it could be d e s a e s or
any other stream cipher
so anyway this is symmetric key encryption
and this is the y so this alice will send
it to bob over the public channel this y so
basically alice is sending e k of m h of m
ok so now how bob will authenticate this so
bob is getting this message this is encrypted
ah things so bob will decrypt it using the
key k bob is having so h of m ok so this will
cancel out if bob is getting this thing so
bob is basically receiving now m and h of
m so now what bob will do so bob will apply
the hash function hash function is public
function so bob will apply this hash function
so ah anyway so sometimes we should follow
the same convention either capital h or small
h yeah so bob will use the same hash function
capital h and getting the h of m and bob will
check whether these two value are same or
not
if these two value are same then bob will
be ah so it is bob will ensure that the message
is coming from alice so authentication is
done authentication authenti[cation]- authentication
is done so if these two are matching then
the message is coming from alice so this is
one use
now the second one is so so 
next use is say so what we are doing so bo[b]-
alice having the message alice wants to send
it to bob so alice what alice is doing alice
is applying this h hash function and generating
the h of m and then h of m is le[ss]- reduced
size so this is also symmetric key setup now
alice is ah in the symmetric key they have
the common key k so now alice is encrypting
this because this is of lesser size so alice
is encrypting this using this k so this is
symmetric key encryption it could be block
cipher or stream cipher then alice is padding
this i mean just a appen[d]- appending and
send it to bob 
ok now this is bob is receiving so basically
bob is receiving this m along with this e
k of h of n so what bob will do bob will first
decrypt this this part decryption and bob
will get back h of m ok so bob has to know
the length of the message because otherwise
bob will be not knowing what is the ciphertext
has to decrypt so the length of the message
is also ah provi[de]- ah also to be known
should be known to the bob
so it will just ah decrypt it and it will
get h of m so now bob will apply h function
on this so this is also supposed to be h of
m bob will compare these two value if these
two values are same then bob will ensure that
the message is coming from alice so the authentication
is done but here we are losing the confidentiality
of the message because m we are sending over
the public channel so in this scheme no confidentiality
of the message ok because we are just sending
the message over the public channel we are
just appending the message with this because
alice has to but earlier case when we encrypting
message and the h of m there we are achieving
both the confidentiality and the authentication
ok so this is the ah symmetric key setup now
we can similar thing we can have in public
key setup so let us so this is use number
two and
now we will talk about use number three of
hash function so this is in public key setup
ok so alice and bob now they are in public
key setup so that means they are having ah
public key ah they are having two pair up
keys so alice is having e of a d of a this
is basically public key of alice public key
of alice and this is basically secret key
or the private key private key of alice ok
now alice has a message m which is really
big message and alice wants to ah authenti[cate]-
alice wants to send this message to bob in
a way that alice wants to authenticate that
i am sending so bob has to ensure that the
message is coming from alice that is the authentication
so what alice will do alice will apply the
hash function on it and get the message h
of m ok
then alice will ah alice will apply the signature
on this message so alice will do the sort
of encryption but using alice secret key because
it is basically signature signing alice is
signing on the message now because this is
reduced size then it wont be so much expensive
because m is very big so if we have to do
the public key encryption on m on a bigger
space it is more expensive because public
key is more expensive than the than the symmetric
key so so now it is ok if we can so alice
will sign on this so alice will encrypt this
using alice secret key this is on reduce size
and then alice will ah send the message along
with this signature and this alice will sent
to a bob so bob how bob will verify if the
message is coming from alice actually bob
is gessing getting this message along with
this ah alice signature on this hash value
of this message because it is reduce size
ok so what bob will do bob will first ah get
it back that means bob has to apply the ah
inverse of this using the alice public key
which is known to everybody though these thing
can be done by ah other party also oscar also
so bob will just decrypt using the alice public
key on this h of m and this will give us h
of m because encryption is the reverse of
the decryption
so this quantity will give us basically h
of m and now alice will bob will compute h
on this and bob is supposed to get h of m
so bob will compare these two whether these
two is matching or not if these two is matching
then the authentication is done then bob will
ensure that the message is coming from alice
so here authentication is done but here all
similar problem no confidentiality confidentiality
because message message is becoming public
sending the message over the public channel
ok so now if we want ah confidentiality here
also so what we do suppose on top of this
they have a
so this is the another use this is number
four say so they have a common key k which
they have ah this is symmetric key they have
a key which is shared between them they agreed
with that may be we can use the diffie hellman
exchange key for that so they have a secret
key k which is known to alice and bob and
that is the secret now what they can do now
they can encrypt this thing using the that
secret key and this they can send to alice
can send to bob so what alice is doing alice
is first applying the hash function on it
then alice is signing on the message on the
hash value of the message because this is
a fixed length and then after that alice is
ah appending this message with this signature
and then alice is applying the ah this symmetric
key encryption this could be any block cipher
or stream cipher a e s d e s so just alice
is applying the symmetric key b symmetric
key encryption on the message and send it
to bob
so bob is receiving this now upon receiving
this what bob will do bob is also having a
secret key k so bob will decrypt it first
d of k ah the symmetric key decryption if
it is use a a e s then a e s decryption so
bob is getting m along with this ah e d of
a h of m ok so this will give us this will
give bob m along with e d of h of m so this
thing so m this is e d of this is the alice
signature so again bob has to do the ah same
thing bob has to do the dec[rypt]- bob has
to decrypt this so this is d of a using the
alice public key e of d of a i mean using
the alice public key so this will give us
h of m and bob is having now m so what bob
will do bob will apply this h and it is also
supposed to be h of m and bob will try to
match this whether they are equal or not
so this is these way we are if it is matching
then bob will ensure that the message is coming
from alice so this is the authentication so
here we are having both the authentication
and the confidentiality of the message because
messa[ge]- message is not becoming public
we are using a another level of encryption
symmetric key encryption so authentication
and confidentiality both achieving here confidentiality
both are achieving here ok so ah
now in a next ah use may be like this so this
is the fifth one so here what we do we will
introduce a extra security which is called
nonce or some sort of time stamp you can say
on the messages so what we are doing here
we are just ah we are having so alice and
bob ok so alice is having the message m so
what we are doing we are just ah this is the
s concatenation operation we are having a
nonce this is a nonce or can be time stamp
so we got s along with this and on this will
apply the h function so this will give us
h of this ok and then this along with the
message we are sending to bob m along with
concatenate with h of m s we are sending to
bob ok so now how bob will get back the message
ah bo[b]- how bob will authenticate the this
messages coming from alice so bob is receiving
this thing m along with h of m s so what bob
will do so this is the concatenation operation
so bob will also should have the same time
stamp or same nonce with bob so bob will do
this thing ah append this s with the message
and then bob will apply the h function on
it so this should be h of m comma s and this
should be equal to this and if this is equal
then the authentication is done authentication
is done but here also here we are not here
we are losing the confidentiality because
the message is becoming public over the ah
this public channel so if we in this scheme
if we want to have the confidentiality also
that is the fi[fth]- sixth one so we can similarly
we can have a k which is shared between the
alice and bob and then what we do we can encrypt
this using this k and then these we can send
it to bob so what bob will do first bob will
decrypt this decrypt this y and bob will be
getting this and then bob will do the remaining
thing as earlier so this way this is the symmetric
key encryption this way we can achieve the
both the confidentiality and the authentication
so even we can extend this for the public
key setup so this here we can have the confidentiality
also so the me[ssage]- message is not becoming
public confidentiality ok so the more or less
we can think few more application of hash
function based on this so more or less this
is the hash function is used mainly for the
authentication purpose and mainly to reduce
the size of the plaintext so that we can encrypt
it because public key encryption is very expensive
so if we have to encrypt one twenty eight
bit long message it is very difficult with
r s a or any elliptic curve cryptosystem so
its better if you can reduce that so that
h of s is helping us to reduce the message
ok now based on the uses now we want to know
ah what are the properties the our hash function
should have otherwise we cannot use it in
the ah in the in this cryptography so what
are the cryptographic hash function should
have the properties ok so properties of a
cryptographic hash function cryptographic
hash function should have ok ok so first one
is of one first one is it should apply to
any size of the input so our ah plaintext
should be any size so it should applied to
applied to any size of the input as big as
it is so basically it is a function from arbitrary
length input to a fixed length output ok that
is the first condition it should be ah applied
to any size input and it should ah ah give
a fixed size output so any size input and
it should produce produce a fixed size fixed
length that is l say fixed length output that
is l ok and the third condition is it should
be a one way function this h should be a be
a one way function what do you mean by one
way function one way means suppose we have
a function f from a to b a to b this is a
mapping f mapping so this is x this is y is
equal to f of x this is f mapping so when
we say f is a one way function if it is easy
to compute in the forward direction and it
is hard to get back it is hard to compute
in the backward direction
so if this part is easy so if so ah ah given
x so one way means one way means given x it
is easy easy means easy is a vague word easy
means computationally feasible so that means
there is a polynomial time algorithm to compute
this it is feasible computationally feasible
that means a polynomial time algorithm is
there to compute this computationally computationally
feasible ah a given a x it is easy to compute
a h of x so given a x this part is easy but
this part is hard given a f x given a f x
it is hard to get hard means again computationally
infeasible computationally infeasible hard
to get x so that means it is hard to invert
so given a f x given a h of x here f is h
basically given a h of x is a hard to get
x so it is very difficult to invert so that
is the hardness so that is the one way function
ok so and
next property is that is called weak collision
property so that is the number four weak collision
ok it is telling su[ppose]- we have given
a x now we need to find a y such that they
are colliding so given a x given a x it is
hard ah it is hard means again computationally
infeasible hard to find a y find a y such
that such that h of x is equal to h of y ok
so this is called weak collision property
and if a ah hash function satisfying upto
this then we[ak]- it is called a weak hash
function so this is this property is telling
given a x in the domain of key space given
a x it is hard to find a y such that they
are colliding this is the slot such that they
are colliding so h of x is equal to h of y
ok so this is the weak collision and the strong
collision is
strong collision is basically so it is hard
to find out the pair x y which are colliding
it is computationally hard it is hard means
computationally computationally infeasible
that is the hardness so that means there is
no polynomial time algorithm to handle this
it is computationally hard to get hard to
find a pair pair of keys x y such that 
h of x equal to h of y ok so this is the strong
collision property so if a hash function is
satisfying this property this earlier three
property and this property then it is called
a strong hash function this is strong collision
property ok strong collision property means
it is very difficult it is hard to get pair
x y such that they are colliding and weak
collision is we have given a x we have to
get a y such that they are colliding ok so
these are the properties our hash function
should have in order to we we we have to use
the hash function we have seen the uses so
to ah to for those uses we need to have these
properties so any cryptographic hash function
should have this properties
ok now we have to ah construct a cryptographic
hash function so general construction of a
cryptographic hash function how a hash function
can be constructed ok hash function is basically
it is reducing it is taking any bit input
message and it is reducing to a fixed bit
output so this is a general structure of a
hash function so it is taking any bit input
so this is the big message m this is the message
m so what we are doing suppose we have a function
f this is the hard of the hash function f
which is taking two input one is say n bit
another is say l bit and which is giving us
l bit output so f is basically taking two
input n bit cross l bit to l bit this is the
compression function this is the heart of
the hash function every heart every hash function
has such function every hash function is having
such if suppose we have such a function which
is taking a two input one is n bit another
one is l bit and it is giving us the output
l bit now how we can use this function to
have a hash digest
so so what we do we div[ide]- this a long
message we divide into blocks of size n bit
so each of this is n bit so this is a last
block x k so which ah we may need to append
something to make it n bit so what we do we
first apply this f function on this with this
n bit and we have to start with some starting
vector that is the i v and it is producing
the this is the n bit this is l bit it is
producing l bit so again we have to apply
this f function which is taking this input
this is also n bit so it is l bit again this
is l bit again so this is f function so repeated
application of the f function so again we
do like this so again this is f this is one
input and this is another l bit like this
we continue so this is one input this is last
block this is dot dot dot this is our l bit
and this is our h of m
this is basically l bit this is m bit this
is l bit so this is the hash digest so this
is the hash function this is the digest so
this is h of m so every hash function has
this compression function which is the heart
of the hash function so which is taking two
input ah ah n n bit and l bit which is giving
us output so this hash function is a function
from zero one any arbitrary bit to zero one
to l bit so next class we will discuss the
ah some particular hash function like sha
one secured hash code so there we have a particular
type of f function that is called m d four
or m d five so this is but this is the general
structure of any hash function it has a compression
function and we repeatedly applying the compression
function and finally we we are getting the
hash code of this message m ok
thank you
