1
00:00:02,120 --> 00:00:08,360
Encryption doesn't translate to the ability to prove a message senders identity.

2
00:00:08,400 --> 00:00:14,670
The two factors authenticity and non repudiation are insured by the use of hash functions in digital

3
00:00:14,670 --> 00:00:15,420
signatures

4
00:00:19,830 --> 00:00:22,220
a hash function is a one way function.

5
00:00:22,660 --> 00:00:29,090
You have to find a hash a characteristic fixed length trade of a variable length message

6
00:00:32,370 --> 00:00:37,400
cryptographic hash functions should also guarantee you the maximum possible randomness of the result.

7
00:00:38,310 --> 00:00:43,380
Minimize the risk that the hatch result generated from two different inputs will be the same and make

8
00:00:43,380 --> 00:00:47,440
a hash result from two very similar sets of data dissimilar as possible.

9
00:00:52,350 --> 00:00:59,010
This means that for any text computing the hash should be easy fast efficient and not complex.

10
00:00:59,010 --> 00:01:02,540
While mapping a text to a signature should be very hard to achieve.

11
00:01:05,810 --> 00:01:08,850
Different inputs should also be mapped to different hashes.

12
00:01:10,020 --> 00:01:13,160
The use of hash functions is connected with a serious threat.

13
00:01:13,930 --> 00:01:17,270
The security of symmetric or asymmetric algorithms varies.

14
00:01:17,470 --> 00:01:21,190
You can be certain that the hash functions used today are not secure.

15
00:01:21,190 --> 00:01:26,970
What's the reason for the state.

16
00:01:26,990 --> 00:01:32,040
The first problem that pertains to hash functions is the birthday paradox and the attack that exploits

17
00:01:32,070 --> 00:01:34,990
it.

18
00:01:35,020 --> 00:01:36,690
What is this problem about.

19
00:01:37,090 --> 00:01:42,310
If you get together with a group of 23 people what is the probability that two of the people have the

20
00:01:42,310 --> 00:01:43,380
same birthday.

21
00:01:45,130 --> 00:01:52,120
As it turns out this probability is surprisingly high it's over 50 percent.

22
00:01:52,130 --> 00:01:54,570
There are 365 days in a year.

23
00:01:54,740 --> 00:01:59,480
So 23 people would be enough for the probability of discovering that at least one pair and the group

24
00:01:59,690 --> 00:02:06,120
share the same birthday over 50 percent if seven more people made up.

25
00:02:06,280 --> 00:02:08,150
The group will increase to 30.

26
00:02:08,500 --> 00:02:13,870
The probability of at least two people in the group having the same birthday increases to over 70 percent.

27
00:02:17,940 --> 00:02:19,940
Why is the probability so high.

28
00:02:21,440 --> 00:02:28,790
First since there are 365 days in a year the first collision or match will occur after a give or take

29
00:02:28,790 --> 00:02:39,980
the 19th attempt 19 a square root of 365 in statistics a first match will occur likely soon after the

30
00:02:39,980 --> 00:02:41,870
square root of all possibilities.

31
00:02:44,870 --> 00:02:51,980
In a group of pointone you can create n times and minus one divided by two to one hundred ninety pairs

32
00:02:54,150 --> 00:02:55,150
for each of the pairs.

33
00:02:55,150 --> 00:02:59,470
The probability of having the same birthday is 1 to 365.

34
00:03:02,340 --> 00:03:09,480
You see the data to calculate the probability computing 20 times 20 minus one divided by two times divided

35
00:03:09,480 --> 00:03:18,430
by 365 gives us 380 730 slightly over 50 percent.

36
00:03:18,440 --> 00:03:19,700
Why even mention this

37
00:03:23,010 --> 00:03:32,170
from the birthday paradox you know that the risk of college in structure is quite a bit.

38
00:03:32,380 --> 00:03:34,420
It's certainly bigger than it would seem.

39
00:03:35,470 --> 00:03:37,860
How can you protect yourself against this problem.

40
00:03:39,260 --> 00:03:41,170
How is this shortcoming addressed.

41
00:03:42,380 --> 00:03:52,670
There's one viable solution used hash function results have to be lengthened.

42
00:03:52,720 --> 00:03:57,340
We started with the 128 bit length.

43
00:03:57,350 --> 00:04:04,570
Now there are even hash function results that are 512 bits long what hash functions are there.

44
00:04:09,900 --> 00:04:13,050
The first function is the MDI family message digest

45
00:04:15,570 --> 00:04:24,680
these hash functions were developed by Ron Rivest M.D. 2 was published in 1989 and before in 1990 and

46
00:04:24,700 --> 00:04:35,790
the five in 1991 the function's return 128 bit long outputs for several years now it's been known that

47
00:04:35,790 --> 00:04:42,530
there are a phishing attacks on all versions of the M.D hash function.

48
00:04:42,600 --> 00:04:50,240
For this reason the functions are not considered secure and are not recommended MT 5 is still widely

49
00:04:50,240 --> 00:04:51,120
used though.

50
00:04:51,260 --> 00:04:53,360
For example in Internet Applications

51
00:04:55,910 --> 00:04:59,740
an other option is using the SAHD family of hash functions.

52
00:05:02,600 --> 00:05:05,500
They were developed by the NSA.

53
00:05:05,700 --> 00:05:12,080
The hash that's returned is quite longer at 160 bits.

54
00:05:12,220 --> 00:05:20,440
The first of the S.H. a hash functions as actuates 0 and SH 1 are not secure censor publication they've

55
00:05:20,460 --> 00:05:22,900
been shown to be susceptible to attacks.

56
00:05:24,080 --> 00:05:26,700
The security of the former is 39 bits.

57
00:05:26,720 --> 00:05:32,410
All the security of the latter is 63 bits.

58
00:05:32,570 --> 00:05:42,290
There's also another variation of the hash function to OSHA to create hashes that are 256 or 512 bits

59
00:05:42,290 --> 00:05:45,190
in length.

60
00:05:45,310 --> 00:05:50,080
While some Chinese researchers have announced that they have successfully cracked sh to.

61
00:05:50,390 --> 00:05:52,920
There's no official proof to support this claim.