Professional Documents
Culture Documents
5.1 - Criptography - Hash Func 2.0
5.1 - Criptography - Hash Func 2.0
HASH FUNCTIONS
• A hash function is any function that can be used to map digital information of any length to digital data of fixed size.
• The values returned by a hash function are called hash values, hash codes, hash sums, or simply hashes.
• Hash functions can be used for:
• Checksums
• Check digits
• Fingerprints
• Randomization functions
• Error-correcting codes
• Public Key Ciphers
CRYPTOGRAPHIC HASH FUNCTION
• A cryptographic hash function Is a one-way function that allows to verify that
some input data maps to a given hash value.
• The input data is often called the message, and the hash value is often called
the message digest or simply the digest.
• If the input data is unknown, it is extremely difficult to reconstruct such a data
by only knowing the hash value.
• In Cryptography, Hash function are user for:
• Provide integrity of transmitted data
• Provide message authentication
HASHING MESSAGES
• A Hash Function is a one-way function that creates a fixed-size fingerprint of an input.
• Input can have any size but the output will have a fixed size. (128 bits,160 bits or 256 bits).
• A good hash algorithm should:
• Accept any size input.
• Produce a fixed sized output to any input.
• The hash result should not reveal any information about the input.
• It should be impossible to produce an specific hash.
• It should be impossible to find two different messages that produce the same hash result.
• Used for
• Produce fixed-size fingerprints of any
HASH length documents.
ALGORITHMS • Produce useful information to detect
APPLICATIONS malicious modifications.
• Translate passwords to a fixed-size
representation.
• The ideal cryptographic hash function has four
main properties.
1. It is easy to compute the hash value for any
given message.
HASH FUNCTION 2. It is infeasible to generate a message from its
PROPERTIES hash.
3. It is infeasible to modify a message without
changing the hash.
4. It is infeasible to find two different messages
with the same hash.
HASH FUNCTION PROPERTIES
• There is no perfect Hash Function, but at least the following properties should be fulfilled.
1. Pre-image resistance. Given a hash value h it should be difficult to find any message m such that h
= hash(m). This concept is related to that of one-way function.
2. Second pre-image resistance. Given an input m1 it should be difficult to find different input m2
such that hash(m1) = hash(m2).
3. Collision resistance. It should be difficult to find two different messages m1 and m2 such that
hash(m1) = hash(m2). Such a pair is called a cryptographic hash collision.
HASH FUNCTION
BASIC SCHEME
acd!
$&^
df83
df
http://youtu.be/aLvwpJcOy6s
SHA-1 Basic Scheme
a b c d e
IV ABCDE
Non-linear
160 bits register function
A16 = 67452301 <<< 30
B16 = EFCDAB89
+
C16 = 98BADCFE
D16 = 10325476 <<< 5 +
E16 = C3D2E1F0
Text blocks created using
blocks of 16 words.
+
Wt 32 bits
After the last operation, the data A constant in each of
the four rounds. +
is shifted to the right. Kt 32 bits
Addition
+
mod 232
F, G, H, I functions in SHA-1
Shifting the register
F (b, c, d) ® vueltas t = 0 a 19 e
a b
a b
c d
c d
e
(b AND c) OR ((NOT b) AND d)
G (b, c, d) ® vueltas t = 20 a 39
This process is repeated for
b XOR c XOR d function F for the rest of the
H (b, c, d) ® vueltas t = 40 a 59 15 words of 32 bits of the
(b AND c) OR (b AND d) OR (c AND block until reach 20. In
d) rounds 2, 3 and 4 the process
I (b, c, d) ® vueltas t = 60 a 79 is repeated with functions G,
b XOR c XOR d H and I.
http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
SHA 2 AND SHA 3
SHA-2
• SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by NSA
published in 2001. They are built using the Merkle–Damgård structure, from a one-way
compression function itself built using the Davies–Meyer structure from a (classified)
specialized block cipher.
• SHA-2 basically consists of two hash algorithms: SHA-256 and SHA-512. SHA-224 is a
variant of SHA-256 with different starting values and truncated output. SHA-384 and the
lesser-known SHA-512/224 and SHA-512/256 are all variants of SHA-512. SHA-512 is more
secure than SHA-256 and is commonly faster.
• The output size in bits is given by the extension to the "SHA" name: SHA-224, SHA-256,
SHA-384 and SHA-512.
• SHA-2 is widely used by developers and in cryptography and is considered cryptographically
strong enough for modern commercial applications.
• It is also used in the Bitcoin blockchain, for identifying the transaction hashes and for the
proof-of-work mining performed by the miners.
HOW?
1. Add padding bits to the original message. To extend the total length of the original input so it’s 64 bits
short of any multiple of 512 (i.e., 448 mod 512). For that a 1 and a the necessary 0s are added until it
equals 448 bits.
2. Add length bits to the end of the padded message. 64 bits are appended to the end of the padded
message so that it becomes a multiple of 512.
3. Initialize MD buffer to compute the message digest. The buffer is represented as eight 32-bit registers
(A, B, C, D, E, F, G, H).
4. Process the message in successive 512 bits blocks. The message is broken into 512 bits chunks, and
each chunk goes through a complex process and 64 rounds of compression. The value obtained after
each compression is added to the current hash value.
5. Produce a final 256 bits (or 512) hash value. The final hash value or digest is concatenated (linked
together) based on all the chunk values resulting from the processing step.
SHA-3
• SHA-3 (Secure Hash Algorithm 3) was released by NIST in August 2015.
• SHA-3 is a subset of the broader cryptographic primitive family Keccak. The Keccak algorithm is the
work of Guido Bertoni, Joan Daemen, Michael Peeters, and Gilles Van Assche.
• Keccak is based on a sponge construction which can also be used to build other cryptographic
primitives such stream ciphers.
• SHA-3 provides the same output sizes as SHA-2: 224, 256, 384, and 512 bits.
• Configurable output sizes can also be obtained using the SHAKE-128 and SHAKE-256 functions.
• The hash function Keccak-256, which is used in the Ethereum blockchain, is a variant of SHA3-256
with some constants changed in the code.
HOW?
1. Add padding bits to the original message. This way the total length is an exact multiple of the rate
of the corresponding hash function. In this case, as we’ve chosen SHA3-224, it must be a multiple
of 1152 bits (144 bytes). The SHA-3 process largely falls within two main categories of actions:
“absorbing” and “squeezing”.
2. Absorb the padded message values to start calculating the hash value. The padded message is
partitioned into fixed size blocks. Then each block goes through a series of permutation rounds of
five operations a total of 24 times. At the end, we get an internal state size of 1600 bits.
3. Squeeze to extract the hash value. This is where the message is extracted (squeezed out). The
1600 bits obtained with the absorption operation is segregated on the basis of the related rate
and capacity (the “r” and “c” we mentioned in the image caption above).
4. Produce the final hash value. Finally, the first 224 bits are extracted from the 1152 bits (SHA3-
224’s rate). The extracted value of 224 bits is the hash digest of the whole message.
SHA-2 SHA-3
MD5 SHA-1
(224 & 256/384 & 512) (224/256/384/512)
Available
1992 1995 2002 2008
Since
Block Size 1152/1088/8
512 bits 512 bits 512/1024 bits
32/576
Hash Digest
Size (Output) 128 bits 160 bits 256 bits, 512 bits 224/256/384/512 bits
Rounds of
80 (4 groups of 20 64 (SHA-224 /SHA-256)
Operations 64 24
rounds) 80 (SHA0384/SHA-512)
Construction
Merkle–Damgård Merkle–Damgård Merkle–Damgård Sponge (Keccak)
• Practical Cryptography for Developers, Svetlin Nakov, SoftUni, ISBN: 978-619-00-0870-5, 2018.
• Menezes, Alfred J.; van Oorschot, Paul C.; Vanstone, Scott A (1996). Handbook of Applied Cryptography.
CRC Press. ISBN 978-0849385230.