Professional Documents
Culture Documents
An explanation of hashing and the recent exploit Michael Swartz Tilson Technology Management mswartz@tilsontech.com
Message Digest 5
Text that is represented by a string of digits created by applying a one-way hash function to the original text If using encryption, which requires a key to en- and decrypt, this is called a digital signature
There is confusing terminology on the internet. The paper published in December of 2008 also refers to hashing as a 'digital signature'
Hashing vsEncryption
Hashing is one-way. There is no 'dehashing'
A 'secret' is hashed and stored for later comparison When an agent sends a secret to the system containing the hash algorithm, a hashed value is created from that secret.
The resulting hash value is compared to the stored hash value The original secret is not compared and, hopefully, not stored Ideally, the hashed value of a secret will be unique to that secret and algorithm (further discussion)
Applications
Applications Hashing stored secrets
Passwords
File Checksums
Create a Unique value for a particular file to verify
SSL Certificates
Compare hash value of a certificate against a trusted source. Verifies the validity of a web site
Vulnerabilities in MD 5
Vulnerabilities Collision is caused by creating the same hash value from two or more different inputs
Hash for password 'foo' can be the same as the hash for password 'bar'
Since systems check the hash value, a collision can lead to a compromise
Vulnerabilities (continued)
Certificates using MD5 are subject to collisions as well Sites using these certificates generally do so to provide the user with assurance that the site they are visiting is verified by the issuing Certificate Authority (CA) Such cases vulnerable to this collision exploit
Vulnerabilities (continued)
Enables a 'rogue' certificate to be created. This rogue certificate can impersonate a certificate issued by a legitimate, or 'root' CA such as VeriSign. Root CAs are, by default, trusted Web browsers that trust the root CA will accept a certificate issued by a rogue CA, thereby accepting the identity of any site spoofed as such
Further Reading
http://www.win.tue.nl/hashclash/rogue-ca/ http://www.cryptography.com/cnews/hash.html http://ajaxian.com/archives/md5-hashcollision