Score:2

Crypto

Hash verification by key

ischenko

5/25/23, 6:48 PM

I want to implement the following algorithm, but don't know what tools to use.

D - data

I generate some universal value for D - Y
I generate some random key - K, get a hash of D by this key - H
I want to be able to have a function - F: F(Y, K, H) = true if H is correct and false otherwise.

The main goal: to prove the validity of hash of data by some key using only some piece of original data.

Usage: Say we have computers: A, B, C. A sends some data to B, then the data is deleted from A. Now, I want to be able to check (from nodes A, C) that B contains the data every 10 minutes, but I can't trust it, so I need some tool to be sure, that B isn't fooling me.

Answer: PDP (Proof of Data Posession)

0 + 0

hash

signature

hash-signature

kelalaka

5/25/23, 6:51 PM

Are you asking HMAC or more?

ischenko

5/25/23, 6:59 PM

@kelalaka I want to be able to prove that data exists on another device, so I want to send it requests with different keys, and receive hashes, then check the hashes by some piece of data (of fixed size) extracted from the original data

ischenko

5/25/23, 7:05 PM

@kelalaka added a usage section

ischenko

5/25/23, 7:11 PM

@kelakala I send requests with random keys, so B has to keep the data to calculate the hash for the given key (am I wrong?)

ischenko

5/25/23, 7:21 PM

yeah, that's the biggest problem, i must be able to verify the pair (key, hash) by some small piece of original data (but it must be impossible to get the hash (by a given key) from this snippet)

kelalaka

5/25/23, 7:26 PM

Use HMAC, send the key get the HMAC value to verify that, though you will have limited queries with the number of pairs you had stored. There may be a clever solution that I don't see now.

ischenko

5/25/23, 7:27 PM

@kelakala, moreover, I can't precalculate hashes, because the A node is neither trusted, so I must come up with some small data representation, that could work as a hash verifier.

kelalaka

5/25/23, 7:27 PM

Could you completely re-write your question including all details...

ischenko

5/25/23, 7:29 PM

oh, sorry for confusion

kelalaka

5/26/23, 12:31 AM

Please [don't cross-post](https://stackoverflow.com/q/70852888/1820553), only maintain one copy. [See this meta](https://meta.stackexchange.com/q/64068/403350)

knaccc

5/26/23, 11:03 AM

What exactly do you mean by "the A node is neither trusted"? Do you mean A can lie about what data it claims to have stored with B?

ischenko

5/26/23, 3:48 PM

@knaccc yes. The correct answer for was to use some PDP algorithm (Proof of data posession)

knaccc

5/26/23, 4:05 PM

It'd be interesting if you could explain exactly what PDP method satisfies the criteria in your question. As far as I can see, the simplest method of a random challenge $c$ and a response calculated as $H(c\mathbin\|data)$ would not satisfy your criteria.

ischenko

5/26/23, 7:17 PM

@knaccc I'm sorry I'm not really into cryptography, so I can make mistakes. I found out that there's a very powerful thing - homomorphic hashes and it seems like they can help me to build (or find an existing) algorithm, that would solve my problem.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Hash verification by key

TH: การตรวจสอบแฮชด้วยคีย์

RO: Verificare hash prin cheie

RU: Проверка хеша по ключу

VI: Xác minh băm bằng khóa

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.