Professional Documents
Culture Documents
for i = 1 to N
1. Prepare the message schedule W:
for t = 0 to 15
Wt = Mi,t
for t = 16 to 79
Wt = s 1512 (Wt-2 ) + Wt-7 + s 0512 (Wt-15 ) + Wt-16
2. Initialize the working variables
a = Hi–1,0 e = Hi–1,4
b = Hi–1,1 f = Hi–1,5
c = Hi–1,2 g = Hi–1,6
d = Hi–1,3 h = Hi–1,7
3. Perform the main hash computation
for t = 0 to 79
T1 = h + Ch(e, f, g) + (å e) + W + K
512
1 t t
T2 = (å a) + Maj(a, b, c)
512
0
h = g
g = f
f = e
e = d + T1
d = c
c = b
b = a
a = T1 + T2
4. Compute the intermediate hash value
Hi,0 = a + Hi–1,0 Hi,4 = e + Hi–1,4
Hi,1 = b + Hi–1,1 Hi,5 = f + Hi–1,5
Hi,2 = c + Hi–1,2 Hi,6 = g + Hi–1,6
Hi,3 = d + Hi–1,3 Hi,7 = h + Hi–1,7
return {HN,0 || HN,1 || HN,2 || HN,3 || HN,4 || HN,5 || HN,6 || HN,7}
VIT/SCOPE/BCSE-309L/MODULE 4
Example 1…
VIT/SCOPE/BCSE-309L/MODULE 4
Example 1…
VIT/SCOPE/BCSE-309L/MODULE 4
Example 1…
VIT/SCOPE/BCSE-309L/MODULE 4
Example 1…
VIT/SCOPE/BCSE-309L/MODULE 4
Example 1…
VIT/SCOPE/BCSE-309L/MODULE 4
Example 2
▪ Suppose now that we change the input message by one bit, from “abc” to “cbc.”
▪ Then, the 1024-bit message block is
6362638000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000 0000000000000000 0000000000000018
VIT/SCOPE/BCSE-309L/MODULE 4
The need of new Hash standard
➢ MD5 should be considered cryptographically broken and
unsuitable for further use, US CERT 2010
➢ In 2004, a collision for the full SHA-0 algorithm was
announced
➢ SHA-1 not yet fully “broken”
➢ but similar to the broken MD5 & SHA-0
➢ so considered insecure and be fade out
➢ SHA-2 (esp. SHA-512) seems secure
➢ shares same structure and mathematical operations
as predecessors so have concern
VIT/SCOPE/BCSE-309L/MODULE 4
SHA-3 Requirements
➢ NIST announced in 2007 a competition for the SHA-3 next
generation hash function
➢ Replace SHA-2 with SHA-3 in any use
➢ so use same hash sizes
➢ Preserve the nature of SHA-2 (Must process small blocks (512 /
1024 bits)
➢ Evaluation criteria
➢ Security close to theoretical max for hash sizes
➢ Cost in time & memory
➢ Characteristics: such as flexibility & simplicity
➢ The winning design(Keccak) for SHA-3 was announced by NIST in
October 2012 and published as FIP 102 in August 2015.
VIT/SCOPE/BCSE-309L/MODULE 4
Review Questions
What is the padding for SHA-512 if the length of the
message is:
5120 bits
5121 bits
6143 bits
VIT/SCOPE/BCSE-309L/MODULE 4