Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
7 views

3 Hash Functions

Uploaded by

junaidakhtar.ecc
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
7 views

3 Hash Functions

Uploaded by

junaidakhtar.ecc
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 29

Cryptographic

Hash Functions
Message and Message Digest

• The electronic equivalent of the document and fingerprint pair


is the message and digest pair.
• To preserve the integrity of a message, the message is passed
through an algorithm called a cryptographic hash function.
• To check the integrity of a message, or document, we run the
cryptographic hash function again and compare the new
message digest with the previous one.
• If both are the same, we are sure that the original message has
not been changed.
Hash Function

• A Hash Function produces a fingerprint of


some file/message/data
h = H(M)
 Condenses a variable-length message M to a fixed-
sized fingerprint
• Assumed to be public
Requirements for Hash Functions

1. Can be applied to any sized message M


2. Produces fixed-length output h
3. It is easy to compute h=H(M) for any message M
4. Given h it is infeasible to find x s.t. H(x)=h
• One-way property
5. Given x it is infeasible to find y s.t. H(y)=H(x)
• weak collision resistance
6. It is infeasible to find any x,y s.t. H(y)=H(x)
• Strong collision resistance
Iterated Hash Function

Merkle-Damgard scheme
Two Groups of Compression Functions

1. The compression function is made from scratch.

Message Digest (MD)

2. A symmetric-key block cipher serves as a compression


function.
Whirlpool
Continued
SHA-512
• SHA-512 is the version of SHA with a 512-bit message digest.
This version, like the others in the SHA family of algorithms,
is based on the Merkle-Damgard scheme.
• It creates a digest of 512 bits from a multiple-block message.
Each block is 1024 bits in length.
• The digest is initialized to a predetermined value of 512 bits.
• The algorithm mixes this initial value with the first block of the
message to create the first intermediate message digest of 512
bits.
• This digest is then mixed with the second block of the message
to create the second intermediate digest.
• Finally, Nth digest is the message digest for the entire message.
Introduction

Message digest creation SHA-512


Continued

Message Preparation
SHA-512 insists that the length of the original message be
less than 2128 bits.

Note

SHA-512 creates a 512-bit message digest out of a


message less than 2128.
Continued

Padding and length field in SHA-512

SHA-512 requires the addition of a 128 bit unsigned-integer field to the


message that defines the length of the message in bits.
Here we need to pad the original message to make the length a multiple
of 1024.
The length of the padding field can be calculated as:
(|M| + |P| + 128) = 0 mod 1024 → |P| = (- |M| - 128) mod 1024
Continued

Example 1

What is the number of padding bits if the length of the original


message is 2590 bits?
Solution
We can calculate the number of padding bits as follows:

The padding consists of one 1 followed by 353 0’s.


Continued

Example 2

Do we need padding if the length of the original message is already a


multiple of 1024 bits?

Solution
Yes we do, because we need to add the length field. So padding is
needed to make the new block a multiple of 1024 bits.
Continued

Words
SHA-512 operates on words; it is word oriented. A word is defined
as
64A bits.
message block and the digest as words
Continued

Word Expansion
• Before processing, each message block must be expanded.
• A block is made of 1024 bits, or sixteen 64-bit words.
• SHA-512 requires 80 words in the processing phase. So the
16-word block needs to be expanded to 80 words, from W0
to W79.
• Each word in the range W16 to W79 is made from four
previously-made words as shown in the figure on next slide.
Continued

Word Expansion
Word expansion in SHA-512
Continued

Example 3

Show how W60 is made.


Solution
Each word in the range W16 to W79 is made from four previously-made
words. W60 is made as
Continued

Message Digest Initialization


• The values of constants are calculated from the first eight
prime numbers (2, 3, 5, 7, 11, 13, 17, and 19).
• Each value is the fraction part of the square root of the
corresponding prime number after converting to binary and
keeping only the first 64 bits.
• For example, the eighth prime number is 19, with the square
root (19)1/2 = 4.35889894354. Converting the number binary
with only 64 bits in the fraction part, we get
• (100.0101 1011 …….1001)2 → (4.5BE0CD19137E2179)16
• SHA-512 keeps the fraction part, (5BE0CD19137E2179)16
Continued

Message Digest Initialization


Compression Function
Compression function in SHA-512
Continued

Structure of each round in SHA-512

• In each round, eight new values for the 64-bit buffers are
created from the values of the buffers in the previous round.
• As shown in the figure on the next slide, the six buffers (B, C,
D, F, G, and H) are the exact copies of one of the buffers in
the previous round, and two of the new buffers (A and E)
receive their inputs from some complex functions.
• Complex functions involve some of the previous buffers, the
corresponding word for this round (Wi), and the corresponding
constant for this round (Ki).
Continued
Structure of each round in SHA-512
Continued

Majority Function
It is a bitwise function. It takes three corresponding bits from
three buffers (A, B, and C) and calculates the resulting bit.

Conditional Function
It is also a bitwise function. It takes three corresponding bits from
three buffers (E, F, and G) and calculates the resulting bit.
Continued

Rotate Functions
It right-rotates the three instances of the same buffer (A or E). The
function, RotRi(x), right-rotates its argument by i bits; it is actually a
circular shift-right operation.

Addition operator ( )
The addition operator used in the process is addition modulo 2 64. This
means that the result of adding two or more buffers is always a 64-bit
word.
Continued
Continued

There are 80 constants, K0 to K79, each of 64 bits. Similar


to the initial values for the eight digest buffers, these values
are calculated from the first 80 prime numbers (2, 3,…,
409). For example, the 80th prime is 409, with the cubic
root (409)1/3 = 7.42291412044. Converting this number to
binary with only 64 bits in the fraction part, we get

The fraction part: (6C44198C4A475817)16


Continued

Example 4
We apply the Majority function on buffers A, B, and C. If the leftmost
hexadecimal digits of these buffers are 0x7, 0xA, and 0xE,
respectively, what is the leftmost digit of the result?
Solution
The digits in binary are 0111, 1010, and 1110.
a. The first bits are 0, 1, and 1. The majority is 1.
b. The second bits are 1, 0, and 1. The majority is 1.
c. The third bits are 1, 1, and 1. The majority is 1.
d. The fourth bits are 1, 0, and 0. The majority is 0.
The result is 1110, or 0xE in hexadecimal.
Continued

Example 5
We apply the Conditional function on E, F, and G buffers. If the
leftmost hexadecimal digits of these buffers are 0x9, 0xA, and 0xF
respectively, what is the leftmost digit of the result?
Solution
The digits in binary are 1001, 1010, and 1111.
a. The first bits are 1, 1, and 1. The result is F1, which is 1.
b. The second bits are 0, 0, and 1. The result is G2, which is 1.
c. The third bits are 0, 1, and 1. The result is G3, which is 1.
d. The fourth bits are 1, 0, and 1. The result is F4, which is 0.
The result is 1110, or 0xE in hexadecimal.
End

You might also like