Hash chain

From Wikipedia, the free encyclopedia

In computer security, a hash chain is a method to produce many one-time keys from a single key or password.

Contents 1 Definition 2 Applications 3 See also 4 References

[edit] Definition

A hash chain is a successive application of a cryptographic hash function h(x) to a string.

For example,

h(h(h(h(x))))

gives a hash chain of length 4, often denoted h⁴(x)

[edit] Applications

Main article: S/KEY

Lamport^[1] suggested the use of hash chains as a password protection scheme in an insecure environment. A server which needs to provide authentication may store a hash chain rather than a plain text password and prevent theft of the password in transmission or theft from the server. For example, a server begins by storing h¹⁰⁰⁰(password) which is provided by the user. When the user wishes to authenticate, he supplies h⁹⁹⁹(password) to the server. The server computes h(h⁹⁹⁹(password)) = h¹⁰⁰⁰(password) and verifies this matches the hash chain it has stored. It then stores h⁹⁹⁹(password) for the next time the user wishes to authenticate.

An eavesdropper seeing h⁹⁹⁹(password) communicated to the server will be unable to re-transmit the same hash chain to the server for authentication since the server now expects h⁹⁹⁸(password). Due to the one-way property of cryptographically secure hash functions, it is impossible for the eavesdropper to reverse the hash function and obtain an earlier piece of the hash chain. In this example, the user could authenticate 1000 times before the hash chain is exhausted. Each time the hash value is different, and thus cannot be duplicated by an attacker.

[edit] See also

• Challenge-response authentication
• Hash list - In contrast to the recursive structure of hash chains, the elements of a hash list are independent of each other.
• Key strengthening - Another recursive hashing method.
• One-time password

[edit] References