Q
Problem solve Get help with specific problems with your technologies, process and projects.

Symmetric key encryption algorithms and hash function cryptography united

Can a secure symmetric key encryption algorithm be used in hash function cryptography? Learn more about these data encryption techniques.

Can a secure symmetric key encryption scheme be used to create a secure cryptographic hash function? The one-way...

nature of the exchange is affected, I assume, because the cipher of symmetric key encryption can be decrypted. What are the advantages and disadvantages of this approach?

SearchSecurity.com expert Michael Cobb is standing by to answer your questions about enterprise application security and platform security. Submit your question via email: editor@searchsecurity.com

Symmetric key encryption schemes can be used to create cryptographic hash functions. To discuss possible advantages or disadvantages of doing this, lets first look at how symmetric key encryption algorithms and hash function cryptography are used and the properties they should have.

A hash function takes a block of data, usually called the message, and returns a fixed-size string, which can be called the hash, hash value or message digest. The main reason for creating a hash value of a message is that any accidental or intentional change to it will result in a completely different hash value. By comparing the hash values of a message before and after an event, such as downloading it, the integrity of the data can be validated.

The four main properties of a good cryptographic hash function are:

1.     It is easy to compute the hash value for any given message.

2.     It is infeasible to find a message that has a given hash.

3.     It is infeasible to modify a message without the hash being changed.

4.     It is infeasible to find two different messages with the same hash.

Let's now look at how symmetric-key encryption works and see if it has the four properties listed above. Symmetric key algorithms use the same key for both decryption and encryption and can be divided into stream ciphers and block ciphers. Stream ciphers encrypt the bits of the message one at a time, while block ciphers take a number of bits and encrypt them as a single unit, the Advanced Encryption Standard (AES) algorithm uses 128-bit blocks for example.

A block cipher such as AES can be turned into a hash function; Davies–Meyer and Matyas–Meyer–Oseas are some of the methods used. Algorithms such as AES were designed to encrypt data, a different design goal to a hash function that uses large keys and blocks, can efficiently change keys every block, and have been designed and vetted for resistance to related-key attacks. AES has key and block sizes that make it nontrivial to generate long hash values. AES encryption becomes less efficient when the key changes each block and related-key attacks make it potentially less secure for use in a hash function than for encryption.

However, taking a hit on efficiency and security may be acceptable when an embedded system needs to implement both encryption and hashing while using the minimum amount of code. As always with most security-related algorithms, it is often a tradeoff between speed and security.

This was last published in September 2011

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

SearchCloudSecurity

• The security concerns of cloud cryptomining services

Cloud cryptomining as a service is a security risk to users. Expert Frank Siemons discusses cloud mining service providers and ...

• How Amazon GuardDuty could bolster enterprise cloud security

The new Amazon GuardDuty aims to secure enterprise AWS accounts and workloads, but does it? Expert Ed Moyle takes a closer look ...

• What the Azure AD Connect vulnerability can teach enterprises

Enterprises should learn from a Microsoft Azure AD Connect vulnerability that cloud security requires a hands-on approach. Expert...

SearchNetworking

• Network device monitoring beyond NETCONF

This week, bloggers look at alternative methods in network device monitoring, Europe's GDPR legislation and the integration of ...

• Ethernet bandwidth costs fall to a six-year low

Ethernet bandwidth costs in data center switches fell to a six-year low in 2017. Crehan Research reported cloud provider demand ...

SearchCIO

• Natural-language processing technology boosts BI at Penn Medicine

Natural-language processing technology lets Penn Medicine tap unstructured data, improving its analytics and patient care. ...

• Gartner issues four-part prescription for data and analytics leaders

Fake facts, discrimination, complexity and illiteracy are four challenges CIOs and data experts must overcome to reap the value ...

• Cybersecurity trend forecast: Streamlined, simplified security

In this SearchCIO Q&A, Javvad Malik discusses why streamlining infosec processes is becoming a top cybersecurity trend and how ...

SearchEnterpriseDesktop

• How to transition to Windows 10 without the headaches

IT pros should take a step back and decide if an upgrade to Windows 10 is right for their organizations, or they may encounter ...

• How to take advantage of SCCM and Intune co-management

IT can combine Microsoft Intune and System Center Configuration Manager to manage users' mobile devices, as well as any legacy ...

• Get to know your Windows 10 update options

Windows as a service changes the way updates work in Windows 10 from past versions of the OS. Each of the three servicing ...

SearchCloudComputing

• Analysts: How to make IBM Cloud services more competitive

To make IBM Cloud more competitive, Big Blue must stand by its enterprise base, while it also satisfies the developer community ...

• Don't overlook these practices in software modernization

During app modernization projects, teams commonly overlook basic goals, processes and tools. which can sully app launches as a ...

• Google preemptible VMs reduce cloud costs -- with a catch

With its preemtible VMs, Google offers spare compute capacity at a discounted price. But be careful not to run certain apps on ...

ComputerWeekly.com

• Shared services project is about user needs, not tech, says strategy director

If you’re hoping for the government’s shared services strategy to “break revolutionary ground” in terms of tech, you’ll be ...

• Train leasing firm demos mobile edge computing for smart trains

Rolling stock leasing company Angel Trains is demonstrating edge computing over a wireless mesh network to make life easier for ...

• BT to create 1,300 apprenticeship and graduate tech roles

Roles in TV production, engineering, customer service and cyber security offered in telecoms giant’s apprenticeship and graduate ...

Close