Hashing and MACs

• Should be efficient and resistant to various forms of attacks.
  • Can't recover plaintext from hash.
  • Can't create collision given a plaintext.
  • Can't create collision at all.
  • Pseudo-random.
• A Message Authentication Code or a MAC is a keyed-hash function.

DAA

• CBC mode with DES and return the last 48 bits of the last block.
• IV = 0 vector.

CMAC

• Same as CBC mode, last step has extra XOR with the key as well.
• IV again 0 vector.

CCM

• Do CMAC on a nonce, metadata, and plaintext to get T.
• Do CTR encryption, and encrypt 0th counter with the same key and XOR with T.

HMAC

• ipad = 0x36 repeated b/8 times.
• opad = 0x5c repeated b/8 times.
• K' = Key padded with zeros on the left.
• Step 1: $H_1 = H[(K' \oplus ipad) || M]$
• Step 2: $H_2 = H[K' \oplus opad || H_1]$

DSA

• Public parameters are a prime $p$, $q$ which is a divisor of $p - 1$, and $g = h^{\frac{p-1}{q}} \text{mod} p$ where $h$ is any integer below $p - 1$.
• Private key, a random $x, 0 < x < q$, public key, $y = g^x \mod p$
• Signing and verification are too complex for my smooth brain to wrap my head around.