S. Erfani, ECE Dept.

, University of Windsor 0688-590-18 Network Security

4.14 Simple Hash Functions

All hash functions operate using the following general principles:

a) The input string is viewed as a sequence of n-byte blocks.

b) The input is processed one block at a time in an iterative fashion to produce

an n-bit hash function.

The simplest hash function is the list-by-list XOR of every block, expressed as
following:

Ci=bi1  bi2  · · ·  bim

Where

Ci=ith list of the hash code, 1in

M=number of n-bit blocks in the input

Bij=ith list in jth block

=XOR operation.

This is shown in Fig. 7.

bit 1 bit 2 …. bit n
b11 b21 bn1
Block1

Block2 b12 bn2

:
:
Block m b1m bnm

C1 C2 Cn
Hash
code

Figure 7: Simple Hash Function using Bitwise XOR.

Note1: Fig.7 produces a simple parity for each bit position, and is known as a
longitudinal redundancy check. It is reasonably effective for random data as a
data integrity check.

Oct. 9, 2003 1
 S. Erfani, ECE Dept., University of Windsor 0688-590-18 Network Security

Another scheme, originally proposed by NIST, used the simple XOR applied to
64 bit blocks of the message and then an encryption of the entire message that
used the cipher block-chaining (CBC) mode. In other words, given a message
consisting of a sequence of 64 bit blocks X 1, X2, …., XN, define the hash code C
as the block and append the hash code as the final block:

C = XN+1 = X1  X2  ….  XN
Next, encrypt the entire message plus hash code, using CBC mode to produce
the encrypted message Y1, Y2, …., YN+1.
Note 2: It was shown that the above scheme to produce a hash code is not
secure.

4.15 Secure Hash Algorithm

A cryptographic hash function uses a cryptographic function as part of the

hash function. An intruder or opponent would presumably not have access to the
cryptographic function. The intruder could modify the data or the hash value or
both but without knowing the Cryptographic relationship between the data and
the hash value, the intruder would be unlikely to be able to modify both in such a
way that they match. Thus, modifications could be detected at the recipient’s
end, with a probability depending on the strength of the cryptographic algorithm
and on the degree to which the data was reduced.

The secure hash algorithm ( SHA ) was developed by NIST in 1993 (FIPS
PUB180). A revised version referred to as SHA-1 was issued in 1995 ( FIPS PUB
180-1). The algorithm takes as input a message with a maximum length of less
than 2 64 bits

Figure 8: Message Digest Generating Using SHA-1

Oct. 9, 2003 2
 S. Erfani, ECE Dept., University of Windsor 0688-590-18 Network Security

And produces as output a 160-bit message digest. The input is processed in 512
– bit blocks. Figure 8 shows the overall processing of a message to produce a
digest. The processing consists of the following steps:

Step 1 - Append Padding bits

The (plaintext message is padded so that its length is congruent to 448 module
512. Padding is always added, even if the message is already of the desired
length. Thus the number of padding bits is in the range of 1 to 512. The padding
consists of a single 1-bit followed by the necessary number of 0-bits.

Step 2 - Append Length

A block of 64 bits is appended to the message. This block is treated as an

unsigned 64-bit integer and contains the length of the original message before
the padding.

The outcome of these two steps yields a message that is an integer multiple of
512 bits in length. In Figure 8 the expanded message is represented as the
sequence of 512-bit blocks Y0, Y1, ….., Y2-1, so that the total length of the
expanded message is L x 512 bits. Equivalently, the result is a multiple of 16
32-bit words. Let M [0…….N-1] denote the words of the resulting message, with
N an integer multiple of 16. Thus, N=Lx16.

Step 3 - Initialize MD Buffer

160-bit buffer is used to hold intermediate and final results of the hash function.
The buffer can be represented as five 32-bit registers (A,B,C,D,E). These
registers are initialized to the following 32-bit integers (hexadecimal values):

A = 67452301
B = EFCDAB89
C = 98BADCFF
D = 10325476
E = C3D2E1F0

Step 4 – Process Message in 512-bit (16-Word) Blocks

The heart of the algorithm is a module, known as compression function, that

consists of four rounds of processing 20 steps each. The logic is illustrated in
Figure 9 (on the next page). The four rounds have a similar structure, but each
uses a different primitive logical function, which we call f1, f2, f3, and f4.

Each round takes as input the current 512-bit block being processed, Y q and the
160-bit buffer value ABCDE and updates the contents of the buffer. Each round

Oct. 9, 2003 3
 S. Erfani, ECE Dept., University of Windsor 0688-590-18 Network Security

also uses an additive constant K t, where 0<= t <= 79 indicates one of the 80
steps across five rounds.

Figure 9: SHA-1 Processing of a Single 512-Bit Block

(SHA-1 Compression Function)

In fact, only four distinct constants are used. The values, in hexadecimal and
decimal, are as follows:

Step number Hexadecimal Take integer part

0<= t <= 19 Kt = 5A827999 [ 230 x 2 ½ ]

20<= t <= 39 Kt = 6ED9EBA1 [ 230 x 3 ½ ]

40<= t <= 59 Kt = 8F1BBCDC [ 230 x 5 ½ ]

60<= t <= 79 Kt = CA62C1D6 [ 230 x 10½ ]

Oct. 9, 2003 4
 S. Erfani, ECE Dept., University of Windsor 0688-590-18 Network Security

The output of the fourth round (eightieth step) is added to the input to the first
round, CVq , to produce CVq+1. The addition is done independently for each of the
five words in the buffer with each of the corresponding words in CV q , using
addition module 232.

Step 5 – Output

After all L 512-bit blocks have been processed, the output from the Lth stage is
the 160-bit message digest.

Note 1 The SHA-1 algorithm has the property that every bit of the hash
code is a function of every bit of the input. The complex repetition of the basic
function of ft produces results that are well mixed. It is unlikely that two messages
chosen at random will have the same hash code.

Note 2 The difficulty of coming up with two messages having the same
message digest is on the order of 2 80 operations. The difficulty of finding a
message with a given digest is on the order of 2 160 operations.

Note 3 There are other secure hash algorithms:

1) MD5 - The MD5 message-digest algorithm was

developed by Ron Rivest. It takes as input a message of
arbitrary length and produces as output a 128-bit
message-digest. The input is processed in 512-bit blocks.
It is shown that MD5 is vulnerable to cryptanalysis.

2) RIPEMD -160 - This algorithm was developed

under the European RACE Integrity Primitive Evaluation
(RIPE) project, by a group of researchers, who launched
partially successful attacks on MD4 and MD5. RIPEMD-
160 is quite similar to SHA-1. The algorithm takes as
input a message of arbitrary length and produces as
output a 160-bit message digest. The input is processed
in 512-bit blocks.

Oct. 9, 2003 5