Birthday Attack in Cryptography

What is Cryptography?

Cryptography is the methodology by which we convert information into special codes, and these codes can be understood by the sender and the receiver only. The reason for using cryptography is to save the data from cyber security attacks.

Cryptography is made of two words: 'crypt', which refers to hidden and 'graphy' means writing. So we write the information in a hidden form to save it from vulnerabilities and attacks.

There can be various types of cybersecurity attacks, and brute force attack is one of the common cybersecurity attacks.

What is Bruteforce Attack?

It is an attack in which hackers try to get the email, password and encryption keys through various methods.

What is Birthday Attack?

Birthday attach is also a cryptographic attack of the type of brute force attack. This attack is used to exploit the mathematics of a standard probability theory problem which is called the birthday paradox problem. The success of this attack is directly proportional to the number of collisions between those attacks, which are random and the degree of permutations.

Birthday Paradox Problem

The problem statement says, suppose we have a class of N students and one teacher in the class. The teacher wants to know the number of pairs of students who have a birthday on the same date. To get this solution, he asks for the birth date of every student and finds out the number of pairs.

Suppose he chooses one random date, like 5th November and wants to know the probability that at least one student has a birthday on 5th November. So for this, he will use the probability theory, and he will get the probability that no student has a birthday on 5th November, and it will subtract the result from 1 to get the desired result.

Let's suppose the number of students is equal to 30, so N=30

Probability of at least one student has birthday on 5th Nov = 1- (364/365)30 = 0.079 or 7.9%.

The probability that at least one student has a birthday on the date another student has a birthday

= 1 - 365! / ((365-n!)*(365)n) where n = 30 and the value will be around 0.7 or 70%

Explanation

In the above solution, we derived the formula for N students that at least two students have birthdays on the same date.

We can derive it by noting that nobody has a birthday on the same date and subtracting it from 1 to get the desired result.

(365/365)*(365-1/365)*(365-2/365)*...(365-n+1)/365 = 365!/((365-n!)*(365)n)

And the desired result = 1-365!/((365-n!)*(365)n)

Hash Function

The hash function in the cryptography is the function which takes the input of the variable size and returns the result as a string which has a fixed length. The output string is called the hash value of the input.

It is represented by H.

Result h =H(X) where x is the input

In cryptography, the Hash function should follow the following constraints:

  • The input variable of the function should be of variable size.
  • The output variable will always be of fixed length.
  • For any input X, H(X) is easier to compute.
  • H(X) should be collision-free.
  • H(X) is a one-way function.

One-way hash function

For any input X, we get the value of output Y through H(X) function.

So Y= H(X).

If we are given Y, and we can find out the hash function H for which H(X) = Y, then this function is called two-way or invertible. So, in cryptography, our hash function should be non-invertible which means it is impossible to get the hash function H with the output Y. It should be hard to invert.

Collision-free hash function

If for input X, the output of the hash function is H(X) and if it is possible that X is not equal to Y but H(X) = H(Y), then the current hash function is called a weakly collision-free hash function.

If for any input X, it is not possible to find out Y such that X is not equal to Y and H(X) = H(Y), then this is called a strongly collision-free function.

We can understand it by an example:

Example:

Let hash function H:M = {0,1}n for |M|>>2n

  • So, we will use the following steps to find the collision:
  • We will choose random messages as the input m1,m2….
  • For each mi, calculate the output ti where i= 1,2,3….
  • We will check for the collision if ti = tj, and if not found, then we will repeat this process.

Time Complexity:

The time complexity of the above algorithm will be O(2n/2).






Latest Courses