Hash chain

Hash chain

In computer security, a hash chain is a method to produce many one-time keys from a single key or password.

Definition

A hash chain is a successive application of a cryptographic hash function h(x) to a string.

For example,

h(h(h(h(x))))

gives a hash chain of length 4, often denoted h^{4}(x)

Applications

LamportL. Lamport, “Password Authentication with Insecure Communication”, Communications of the ACM 24.11 (November 1981), pp 770-772. [http://scholar.google.de/scholar?num=100&hl=de&lr=&cluster=10450198314466995215] [http://citeseer.ist.psu.edu/context/2064887/0] ] suggested the use of hash chains as a password protection scheme in an insecure environment. A server which needs to provide authentication may store a hash chain rather than a plain text password and prevent theft of the password in transmission or theft from the server. For example, a server begins by storing h^{1000}(password) which is provided by the user. When the user wishes to authenticate, he supplies h^{999}(password) to the server. The server computes h(h^{999}(password)) = h^{1000}(password) and verifies this matches the hash chain it has stored. It then stores h^{999}(password) for the next time the user wishes to authenticate.

An eavesdropper seeing h^{999}(password) communicated to the server will be unable to re-transmit the same hash chain to the server for authentication since the server now expects h^{998}(password). Due to the one-way property of cryptographically secure hash functions, it is impossible for the eavesdropper to reverse the hash function and obtain an earlier piece of the hash chain. In this example, the user could authenticate 1000 times before the hash chain is exhausted. Each time the hash value is different, and thus cannot be duplicated by an attacker.

See also

* Challenge-response authentication
* Hash list - In contrast to the recursive structure of hash chains, the elements of a hash list are independent of each other.
* Key strengthening - Another recursive hashing method.
* One-time password

References


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Hash list — In computer science, a hash list is typically a list of hashes of the data blocks in a file or set of files. Lists of hashes are used for many different purposes, such as fast table lookup (hash tables) and distributed databases (distributed hash …   Wikipedia

  • Hash table — Not to be confused with Hash list or Hash tree. Unordered map redirects here. For the proposed C++ class, see unordered map (C++). Hash Table Type unsorted dictionary Invented 1953 Time complexity in big O notation Average Worst case Space …   Wikipedia

  • Chain hash table — This is a hash table implementation. Here collisions are handled by Chaining.The divisor used is 13. A double Array is used for implementation ie Array of pointers. 1 // Authors: Prerit Goel and Anant Sinha 2 #include 3 struct node 4 { 5 int… …   Wikipedia

  • Cryptographic hash function — A cryptographic hash function (specifically, SHA 1) at work. Note that even small changes in the source input (here in the word over ) drastically change the resulting output, by the so called avalanche effect. A cryptographic hash function is a… …   Wikipedia

  • Lempel-Ziv-Markov chain algorithm — The Lempel Ziv Markov chain Algorithm (LZMA) is an algorithm used to perform data compression. It has been under development since 1998 [The SDK history file states that it was in development from 1996, and first used in 7 zip 2001 08 30. Aside… …   Wikipedia

  • Linear hash — Linear Hashing is a dynamic hash table algorithm invented by Witold Litwin (1980) [ Citation | first1=Witold | last1=Litwin | title=Linear hashing: A new tool for file and table addressing | journal=Proc. 6th Conference on Very Large Databases |… …   Wikipedia

  • Maher-shalal-hash-baz — (Hebrew: מַהֵר שָׁלָל חָשׁ בַּז) Hurry to spoil! or He has made haste to the plunder! was the second mentioned son of the prophet Isaiah.[1] The name is a reference to the impending plunder of Samaria and Damascus by the king of Assyria. Maher… …   Wikipedia

  • Lempel-Ziv-Markoff chain-Algorithm — Lempel Ziv Markow Algorithmus (LZMA) ist ein freier Datenkompressionsalgorithmus, der von Igor Pavlov seit 1998 entwickelt wird und vergleichsweise gute Kompressionsraten und eine hohe Geschwindigkeit beim Entpacken erreicht. Er ist benannt nach… …   Deutsch Wikipedia

  • Lempel-Ziv-Markov chain-Algorithm — Lempel Ziv Markow Algorithmus (LZMA) ist ein freier Datenkompressionsalgorithmus, der von Igor Pavlov seit 1998 entwickelt wird und vergleichsweise gute Kompressionsraten und eine hohe Geschwindigkeit beim Entpacken erreicht. Er ist benannt nach… …   Deutsch Wikipedia

  • Lempel-Ziv-Markow chain-Algorithm — Lempel Ziv Markow Algorithmus (LZMA) ist ein freier Datenkompressionsalgorithmus, der von Igor Pavlov seit 1998 entwickelt wird und vergleichsweise gute Kompressionsraten und eine hohe Geschwindigkeit beim Entpacken erreicht. Er ist benannt nach… …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”