Professional Documents
Culture Documents
Security
SECURE HASH ALGORITHM (SHA)
2
SHA
• Published by National Institute of Standards and Technology
(NIST) in the year of 1993.
• It is used for - data integrity and authentication.
• The various version of SHA are
3
SHA
• SHA originally designed by NIST & NSA in 1993
• was revised in 1995 as SHA-1
• US standard for use with DSA signature scheme
– standard is FIPS 180-1 1995, also Internet RFC3174
• Based on design of MD4 with key differences
• Produces 160-bit hash values
• Recent 2005 results on security of SHA-1 have raised
concerns on its use in future applications
4
SHA
• NIST issued revision FIPS 180-2 in 2002
• Adds 3 additional versions of SHA
– SHA-256, SHA-384, SHA-512
• Designed for compatibility with increased security
provided by the AES cipher
• Structure & detail is similar to SHA-1
• Hence analysis should be similar
• But security levels are rather higher
5
SHA 512
• Plain text is processed in terms of blocks
• Input - 1024 bits size of Blocks
• Output - 512 bits size of Message Digest
• Processing of messages – 1024 bits
• Steps involve in SHA 512 are
1. Append Padding Bits
2. Append Length Bits
3. Initialize MD buffer
4. Process Each 1024-bit Block
5. Output 6
SHA
7
SHA 512
8
SHA 512
9
SHA 512
Append Padding Bits: ASCII
Original Message is “abc” a 61
b 62
• Message in binary c 63
abc => 01100001 01100010 01100011
• Message length (M) = 24 bits.
Needed,
Message length (M) ≡ 896 mod 1024
24 ≡ 896 mod 1024
24 mod 1024 = 896
24 ≠ 896
24 + 872 mod 1024 = 896
896 = 896
Pad 872 bits to message such that M mod 1024=896
872 bits to be padded → 1 bit followed by 871 zeros 10
11
SHA 512
abc 01100001 01100010 01100011
6 1 6 2 6 3
14
Practice
Input original message length = 2348
Find the number of bits need to pad?
Message length (M) 2348 ≡ 896 mod 1024
2348 mod 1024 = 896
300 ≠ 896
2348 + 596 mod 1024 = 896
896 = 896
Pad 596 bits to message such that M mod 1024=896
596 bits to be padded → 1 bit followed by 595 zeros
8*64=512
17
SHA 512
Module F
Message scheduling
18
SHA 512
20
SHA 512
21
SHA 512 Round Constants (K0 to K79) SHA 512
Round Operation
23
SHA 512
• After all N number of 1024-bit blocks have
been processed, the output from the Nth block
is the 512-bit message digest.
24
Practice
Given a plain text “FLY”. Using SHA-512 algorithm, Derive the following
information. Consider the ASCII values for the plaintext F-70 L-76 Y-121
• Find the length of padding bits.
• Derive theeighteen 64 bit words (W0 to W17) in hexa-decimal format.
• Apply the majority function of round operation on buffers A, B, and C.
• Apply the condition function of round operation on buffers E, F, and G.
Consider the following values for the buffers.
A - 01100001
B - 01100010
C - 01100011
E - 01100101
F - 01100110
G - 01100111
25