# Hash function, birthday attack and collision resistance

1 .(10 points) There is a password generator that generates passwords for 1000 employees of a company. The generated passwords have 3 parts.

· The first part is a 64-bit string (16 characters) representing one of the ten departments in the company.

· The second part consists of 16 lowercase letters (64 bits). This part is unique.

·  The last part is an unknown constant string (64 bits).

A hash function converts these passwords to 128-bit hash values and then stores them in a file. Assume the hash function is given. What is the minimum number, k, of passwords such that it is likely (p ≥ 0.5) that at least two employees have the same password?

2 (10 points) In a company any digital request should be signed by 3 people, requester(????1), their supervisor(????2), and their manager(????3). The mechanism of signing will be as follow.

Using a unique shared key, an authenticated digest will be generated for everybody.

The message and its authenticated digest (????||???????? ,????ℎ???????????? ????????=ℎ(????????||(????????−1)),

????????????ℎ ????0=???? ,|| signifying concatenation) will then be sent to the next person. Then, the next person in the hierarchy will send the original message along with its distinct digest (generated via its own key) to the next person, and so on.

What will be the final digest generated by the computer of the manger (????3), in other words after three operations in mathematical terms?

Key used: Original Message, Distinct Digest

3. (10 points) In a company all the passwords used by employees are hashed by a nested hash function and the hash value stored in the hash table will be ????1(????2(????3(????????????????????????????????))). Let the hash functions be different and known and their specifications be as below:

H1: generates a 64-bit hash value from an arbitrary length message.

H2: generates a 128-bit hash value from a 64-bit message.

H3: generates a 64-bit hash value from a 64-bit message.

If the maximum length of passwords is 32 bits. What is the minimum number, k, of employees in the company such that it is likely (????≥0.5) that at least two employees have the same password?

0 replies