HMAC

I’m adding this here because cryptodox is now offline.

HMAC

In cryptography, a keyed-Hash Message Authentication Code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. As with any MAC, it may be used to simultaneously verify both the data integrity and the authenticity of a message. Any iterative cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC; the resulting MAC algorithm is termed HMAC-MD5 or HMAC-SHA-1 accordingly. The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, on the size and quality of the key and the size of the hash output length in bits.

An iterative hash function breaks up a message into blocks of a fixed size and iterates over them with a compression function. For example, MD5 and SHA-1 operate on 512-bit blocks. The size of the output of HMAC is the same as that of the underlying hash function (128 or 160 bits in the case of MD5 and SHA-1), although it can be truncated if desired. Truncating the hash image reduces the security of the MAC which is upper bound by the birthday attack.

The construction and analysis of HMACs was first published in 1996 by Mihir Bellare, Ran Canetti, and Hugo Krawczyk, who also wrote RFC 2104. FIPS PUB 198 generalizes and standardizes the use of HMACs. HMAC-SHA-1 and HMAC-MD5 are used within the IPsec and TLS protocols.

Definition

1

 

where h is an iterated hash function, K is a secret key padded with extra zeros to the block size of the hash function, m is the message to be authenticated,  denotes concatenation, ⊕ denotes exclusive or, and the outer padding opad = 0x5c5c5c…5c5c and inner padding  ipad =  0x363636…3636 are two one-block–long hexadecimal constants.

Implementation

The following pseudocode demonstrates how HMAC may be implemented.


function hmac (key, message)
    opad = [0x5c * blocksize] // Where blocksize is that of the underlying hash function
    ipad = [0x36 * blocksize]

    if (length(key) > blocksize) then
        key = hash(key) // Where 'hash' is the underlying hash function
    end if

    for i from 0 to length(key) - 1 step 1
        ipad[i] = ipad[i] XOR key[i]
        opad[i] = opad[i] XOR key[i]
    end for

    return hash(opad || hash(ipad || message)) // Where || is concatenation
end function

Example usage

A pizza restaurant that suffers from attackers that place bogus Internet orders may insist that all its customers deposit a secret key with the restaurant. Along with an order, a customer must supply the order’s HMAC digest, computed using the customer’s secret key. The restaurant, knowing the customer’s secret key, can then verify that the order originated from the stated customer and has not been tampered with.

Security

The cryptographic strength of the HMAC depends upon the cryptographic strength of the underlying hash function, on the size and quality of the key and the size of the hash output length in bits. As outlined in “Keying Hash Functions for Message Authentication”, MACs can be vulnerable to birthday, collision, extension, and other attacks.

In the recently (2006) published paper “On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1”, by Jongsung Kim, Alex Biryukov, Bart Preneel, Seokhie Hong, claim to have devised: “two new distinguishers of the structure of HMAC, called differential and rectangle distinguishers, and use them to discuss the security of HMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1. We show how to distinguish HMAC with reduced or full versions of these cryptographic hash functions from a random function or from HMAC with a random function. We also show how to use our differential distinguisher to devise a forgery attack on HMAC. Our distinguishing and forgery attacks can also be mounted on NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1. Furthermore, we show that our differential and rectangle distinguishers can lead to second-preimage attacks on HMAC and NMAC.”. They go on to claim: “With these distinguishing and forgery attacks we have shown that HMAC with the full versions of 3-pass HAVAL and SHA-0 can be distinguished from HMAC with a random function, and HMAC with the full version of MD4 can be forged. These distinguishing and forgery attacks have also been applied to HMAC based on reduced versions of MD5 and SHA-1. All these attacks do not contradict the security proof of HMAC, but they improve our understanding of the security of HMAC based on existing cryptographic hash functions.”

 

External links

References

  • Mihir Bellare, Ran Canetti and Hugo Krawczyk, Keying Hash Functions for Message Authentication, CRYPTO 1996, pp1–15 (PS or PDF).
  • Mihir Bellare, Ran Canetti and Hugo Krawczyk, Message authentication using hash functions: The HMAC construction, CryptoBytes 2(1), Spring 1996 (PS or PDF).
  • Jongsung Kim, Alex Biryukov, Bart Preneel, Seokhie Hong, “On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1”, 2006. (pdf)
Tagged , ,

A good way to add a column to a table with millions of records, without locking resources.

Whenever you manage a database and reach a certain amount of records, some things just aren’t the same anymore.

Try adding a column, an index or even worse a FULL TEXT index. This can lock up your resources and hurt your i/o drastically, you don’t want this to happen on a production environment.
But sometimes you just have to do what you have to do.
Note:the effect often depends on your database engine e.g. innoDB

Here is a cool way to add a column without locking your resources:


CREATE TABLE big_table_copy LIKE big_table;
ALTER TABLE big_table_copy ADD COLUMN some_new_column varchar(256);
INSERT INTO big_table_copy (fields_in_big_table) SELECT * FROM big_table;
RENAME TABLE big_table TO big_table_old, big_table_copy TO big_table ; 
# DROP TABLE big_table_old;

Note: You might not want to delete the big_table_old to check if any new records were added while this query was running. And make sure they also are added in the new big_table

Tagged , , , ,

How to not lose the autocomplete magic in your MCV views.

Like most MCV frameworks the controller passes the variable to the view.

Something like this in codeigniter:


$data["user"] = User::find($id);
$this->load->view('user/profile', $data);

Or Laravel:


$data["user"] = User::find($id);
return View::make('user.profile', $data);

Now if we would try to get some autocomplete the $user var in view we get nothing.

autocomplete, no suggestion

Was it getName(), getSurname() … no I’m pretty sure it was getLastName()..Ah we’ll need to look it up in the Class.

What! But Why? I’ve paid good money for this IDE and it’s awesome autocomplete function, why doesn’t it work??

First of all, don’t blame your IDE dummy. How would it know wat those resources are? It doesn’t.

Now heres the magic how it does:

Just add the @var PHPDoc to your view, just as you would in a Class.


/*@var $user User*/

No more “no suggestions”.

Whoohoo it works!

Whoohoo it works!

PS. MOST IDE will make the magic happen, the only one I’ve tested which doesn’t is Netbeans. Be free to add more in comments.

Tagged , , ,

How to check when a field value from one table does not exists in another table

Let’s say we need to list every person which does not have an account.

Thus a person record that does not have a account record.

There’s multiple ways of doing this, each way may be more efficient depending on table sizes.

NOT IN
The easiest but not necessarily the most efficient depending on the account table size.

SELECT *
FROM Persons
WHERE id NOT IN (SELECT person_id FROM accounts)

NOT EXISTS
The title says it, and it’s designed specially for our goal

SELECT *
FROM Persons
WHERE NOT EXISTS
(SELECT person_id
FROM accounts
WHERE accounts.person_id = persons.id)

LEFT OUTER JOIN (IS NULL)
The left outer join is probably quickest in the general case as it prevents repeated execution of the subquery.

SELECT *
FROM Persons
LEFT OUTER JOIN accounts
ON (persons.id = accounts.person_id)
WHERE accounts.person_id IS NULL
Tagged , ,

One of my favorite answers on stackoverflow

I’ll add the entire post below, but please also read it on stackoverflow the answer deserves the attention.

Thank you Jon for some great code and explanation.

Introducing: a very generalized solution for PHP 5.3+

I ‘d like to add my own solution here, since it offers features that other answers do not.

Specifically, advantages of this solution include:

  1. It’s reusable: you specify the sort column as a variable instead of hardcoding it.
  2. It’s flexible: you can specify multiple sort columns (as many as you want) — additional columns are used as tiebreakers between items that initially compare equal.
  3. It’s reversible: you can specify that the sort should be reversed — individually for each column.
  4. It’s extensible: if the data set contains columns that cannot be compared in a “dumb” manner (e.g. date strings) you can also specify how to convert these items to a value that can be directly compared (e.g. aDateTime instance).
  5. It’s associative if you want: this code takes care of sorting items, but you select the actual sort function (usort or uasort).
  6. Finally, it does not use array_multisort: while array_multisort is convenient, it depends on creating a projection of all your input data before sorting. This consumes time and memory and may be simply prohibitive if your data set is large.

Continue reading

Tagged , , ,

Non-procedural datetime conversions

Aren’t you tired of using  strtotime() and messing up timezones / DST now and then?

Here’s the OOP way, easy to understand and maintain! whoohoo!

Converting a UTC datetimestamp to your local date time.:

$my_utc_datetime = '11-14-2013 10:38:00'; // November 14th
$utc_datetime_object = DateTime::createFromFormat(
    'm-d-Y H:i:s',           // current format
    $my_utc_datetime,        // the datetimestamp
    new DateTimeZone('UTC')  // the origin timezone
);
// Now let's convert it to amsterdam time
$amsterdam_datetime = $utc_datetime_object;
$amsterdam_datetime->setTimeZone(new DateTimeZone('Europe/Amsterdam'));
echo $amsterdam_datetime->format('Y-m-d H:i:s'); // This will echo amsteram datetime

And the good news this will take DST into account!

No more daylight saving time problems!

PHP.net:

DateTime
DateTime::createFromFormat()

Tagged , , , ,