Descrite Research
WRITTEN BY:
1. Omar Ramadan Fattouh
2. Omar Amr Fareed
TABLE OF CONTENTS
Abstract
The hashing family
Hashing in data structure
Hashing in cybersecurity
Hashing in cryptography
SHA-2
SHA-224
SHA-256
SHA-384
SHA-512
SHA-512/224
SHA-512/256
How does the SHA-2 algorithm work?
Converting to binary
SHA-2 and padding
Security of SHA-256
The SHA family steps
Uses of SHA algorithm
Summary
Abstract
THE HASHING FAMILY
Hashing is the process of transforming any given key or string of characters into another
value. This is usually represented by a shorter, fixed-length value or key that
represents the original string and makes it easier to find or use.
The most popular use for hashing is the implementation of hash tables. A hash table
stores key and value pairs in a list that is accessible through its index. Because key and value
pairs are unlimited, the hash function will map the keys to the table size. A hash
value then becomes the index for a specific element.
A hash function generates new values according to a mathematical
hashing algorithm, known as a hash value or simply a hash. To prevent the
conversion of a hash back into the original key, a good hash always
uses a one-way hashing algorithm.
Hashing is relevant to -- but not limited to -- data indexing and
retrieval, digital signatures, cybersecurity and cryptography.
Dewey Decimal classification has worked well in libraries for many years, and the
underlying concept works just as well in computer science. Software engineers can save
both file space and time by shrinking the original data assets and input
strings to short alphanumeric hash keys.
When someone is looking for an item on a data map, hashing helps narrow down
the search. In this scenario, hash codes generate an index to store values. So, here,
hashing is used to index and retrieve information from a database because it helps
speed up the process; it is much easier to find an item using its shorter
hashed key than its original value.
HASHING IN CYBERSECURITY
Algorithms use hashing to enhance cybersecurity. Hashed strings and inputs are
meaningless to hackers without a decryption key.
For example, if hackers breach a database and find data like "John Doe, Social
Security number 273-76-1989," they can immediately use that information for their nefarious
activities. However, a hashed value like "a87b3" is useless to threat actors unless they have a
key to decipher it.
As such, hashing helps secure passwords stored in a database.
HASHING IN CRYPTOGRAPHY
Cryptography uses multiple hash functions to secure data. Some of the
most popular cryptographic hashes include the following:
SHA-2
The SHA-256 algorithm is one flavor of SHA-2 (Secure Hash Algorithm 2), which was
created by the National Security Agency in 2001 as a successor to SHA-1. SHA-256 is
a patented cryptographic hash function that outputs a value that is 256 bits long.
Now we can get into the more specific details of SHA-2.
SHA-2 is not just a single hash function, but a family of six. They are
collectively referred to as SHA-2 because the family are the replacements
for SHA-1, which was just a single algorithm. The SHA-2 family are as
follows:
SHA-224 – This version of SHA-2 produces a 224-bit hash. It has a block size of 512
bits, and the initial input is divided into 32-bit words for processing. The initialization
variables are also 32 bits in length, as are the constants, K. Each block of data goes
through 64 rounds of operations before the final hash (or the intermediate hash, in cases
where multiple blocks of data are being processed) is produced.
SHA-256 – SHA-256 results in a 256-bit hash and has a 512-bit block size. The
message input is processed in 32-bit words, while the initialization variables and
constants are also 32 bits in length. SHA-256 also involves 64 rounds.
SHA-384 – This version produces a 384-bit hash. It differs from the prior two in that it
has a 1,024-bit block size. It also differs in that it has 64-bit words, initialization
variables and constants. Instead of 64 rounds, it requires 80 rounds of
processing for every block of message data.
SHA-512 – SHA-512 results in a 512-bit hash. Apart from that, it’s much like SHA-384
in that it has a 1,024-bit block size, 64-bit words, 64-bit initialization variables and
64-bit constants. However, the specific initialization variables it starts with are different from
those in SHA-384. It also involves 80 rounds.
We will investigate how the SHA-2 algorithm works through an example, going through
each step that takes our message, “hashing is complicated”, and somehow gives us the
convoluted output of:
d6320decc80c83e4c17915ee5de8587bb8118258759b2453fce812d47d3df56a
We will be demonstrating SHA-256 because it’s the most commonly used iteration. SHA-224,
SHA-384, SHA-512, SHA-512/224 and SHA-512/256 all work in a similar manner,
except that SHA-224 and SHA-256 have a block size of 512 bits, while the latter four
have a 1024-bit block size. Note that SHA-384, SHA-512, SHA-512/224 and
SHA-512/256 also include 80 rounds, rather than the 64 we will be describing.
They also use some slightly different input numbers at various points of the algorithm.
SHA-512/224 and SHA-512/256 are truncated versions of SHA-512, meaning that the
final hash is just the left-most 224 or 256 bits, respectively. You can refer to FIPS 180-4
for the specifics.
CONVERTING TO BINARY
01101000 01100001 01110011 01101000 01101001 01101110 01100111
00100000 01101001 01110011 00100000 01100011 01101111 01101101
01110000 01101100 01101001 01100011 01100001 01110100 01100101
01100100
The above makes zero sense to us as humans, but to machines, it says, “hashing is
complicated”.
Once we have rewritten our phrase in binary, the next step is to add
padding, which is essentially a bunch of extra data that we add to
our input to make it a fixed length. It also helps to prevent length
extension attacks. The different versions of SHA-2 have the
following block sizes:
These block sizes are the amount of data that the SHA-2 algorithm
processes in one go. We have shown that hash functions are
capable of processing inputs as long as the Declaration of
Independence (SHA-256 can actually take inputs that are orders of
magnitude larger, at up to 2^64-1, which is such a huge number that
you don’t really have to worry about the algorithm’s upper limits).
However, it does not process this information all in one go.
However, we often need to hash inputs that are far greater than 512 bits in length. In
these cases, the message is simply divided into blocks. If we needed to hash a 10,000-
bit message, it would simply need to be split across multiple 512-bit blocks.
In our example, we only have 176 bits of data, but need to fill up a 512-bit block. This
means that we will need to add 336 bits of padding to complete it. SHA-2 uses the
following padding scheme:
A “one” is added after the binary message data that is being hashed.
Then, zeros are added until the length of the input data plus the additional one from the
previous step add up to 448 bits. In our example, we have an input length of 176 bits,
plus the one from the previous step, bringing us up to 177 bits. Therefore, we need 448
minus 177 zeros. If we do the math, we have to add 271 zeros.
The final 64 bits of the final block (512 bits minus the 448 bits that we have already filled
up in the prior steps) are set aside to display the length of the message in binary. As we
are only dealing with one block of data, the end of it needs to include this 64-bit message
length. Our message length in bits is 176, which is 10110000 in binary. This will go at the
very end of the block, and the preceding numbers are filled up with more zeros (in cases
where we have a much larger input, these zeros will be replaced by the longer message
length written in binary).
If we put it all together, we end up with the following padded 512-bit block for the message
“hashing is complicated”:
If you count out the ones and zeros, you will see that there are 512 bits of data in the
above block. The first 176 bits are the input message in binary, “hashing is complicated”.
It’s followed by the 1, which we have bolded and underlined to make it easier to see. Then
we have the 271 zeros, followed by the 64-bit message length, which is also bolded and
underlined. This message length is preceded by zeros, as we mentioned earlier.
In SHA-384, SHA-512, SHA-512/224 and SHA-512/256, the padding scheme is
essentially the same, except that the blocks each need to be filled with 1024 bits of data
and the final block has the following differences:
In the second step, zeros are added until a length of 896 bits is reached, rather than 448
bits.
In the final step, 128 bits of the block are set aside for appending the message length.
If we were running through our example with SHA-384, SHA-512, SHA-512/224 or
SHA-512/256, the padded block would look much the same, except that it would have an extra
448 zeros from the second step, and another 64 zeros from the final step.
Inputs greater than 448 bits (for SHA-224 and SHA-256) and 896 bits (for SHA-384, SHA-
512, SHA-512/224 and SHA-512/256)
We often need to hash message inputs that are greater than the block sizes of either 512
bits or 1024 bits, which means that we need to split the data across multiple blocks. The
cut-off point for splitting blocks is actually either 447 bits or 895 bits, because at least one
bit of padding, plus the 64-bit or the 128-bit message length must be included.
This means that if you have exactly 448 bits (or 896 bits) of data that you need to hash,
it will have to be split across two blocks. The first block will include the entirety of the data,
plus 64 (or 128) bits of padding (the one followed by 63 or 127 zeros).
The second block will have another 448 (or 896) zeros, with the 64-bit (or 128-bit)
message length tagged on at the end in the same way that we showed in the previous
section.
449 bits (or 897 bits) of data would also take up two blocks of data, and would instead
have a one plus 62 (or 126) zeros of padding before the message length.
On the other hand, 447 bits (or 895 bits) of data would just manage to fit in a single block.
It would include the 447 (or 895) bits, then padding of a single one, followed by the
message length of either 64 or 128 bits.
The system works the same for larger data inputs. The data is split across as many blocks
as it takes in order for all of the data to be included, plus at least one digit of padding and
with the 64-bit message length appended at the end of the final block. In the case of 5,000
bits of input data and the 512-bit block sizes of SHA-224 or SHA-256, the input would be
split across 10 blocks. The first nine would only include the input data, while the tenth
would include the final 392 bits of input data, a one, 55 zeros and then the 64-bit message
length at the end. This totals 5,120 bits of data, which is 10 multiplied by 512.
In the case of SHA-384, SHA-512, SHA-512/224 or SHA-512/256, those same 5,000 bits
of data would be split across six 1024-bit blocks. The first four would only include the
input data. The fifth block would include the final 904 bits of data, a one, and then 119
zeros as padding. The 5,000 bits of data doesn’t quite fit within five blocks because the
final 904 bits of data exceed the cutoff for the last block, which is 896 bits. The sixth block
would include 896 zeros and then the 128-bit message length at the end.
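The padding arithmetic described above, as an added example that is not part of the original paper. The names `padding_layout` and `pad_sha256` are chosen here; the first function generalizes the worked cases to any bit length and to both the 512-bit and 1024-bit block sizes.

```python
def padding_layout(msg_bits: int, block_bits: int = 512):
    """Return (blocks, zero_bits) for a message of msg_bits bits.

    block_bits=512  -> SHA-224/SHA-256, 64-bit length field
    block_bits=1024 -> SHA-384/SHA-512 and truncated variants, 128-bit field
    """
    length_field = block_bits // 8
    # Zeros that bring message + the single '1' bit up to 448 (or 896)
    # bits modulo the block size, leaving room for the length field.
    zero_bits = (block_bits - length_field - 1 - msg_bits) % block_bits
    total_bits = msg_bits + 1 + zero_bits + length_field
    return total_bits // block_bits, zero_bits


def pad_sha256(message: bytes) -> str:
    """Padded SHA-256 input for a byte string, as a string of '0'/'1'."""
    bits = "".join(f"{byte:08b}" for byte in message)
    _, zero_bits = padding_layout(len(bits), 512)
    return bits + "1" + "0" * zero_bits + f"{len(bits):064b}"


if __name__ == "__main__":
    block = pad_sha256(b"hashing is complicated")
    print(len(block), block[176], block[-8:])
    # Bit lengths discussed in the text, for both block sizes.
    for n in (176, 447, 448, 449, 5000):
        print(n, padding_layout(n, 512))
    for n in (176, 895, 896, 897, 5000):
        print(n, padding_layout(n, 1024))
```

For inputs that spill into a second block, the returned zero count is the total across both blocks, for example 63 + 448 = 511 for a 448-bit message.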
SECURITY OF SHA-256
SHA-256 is one of the most secure hashing functions on the market. The US
government requires its agencies to protect certain sensitive information using SHA-256. While
the exact details of how SHA-256 works are classified, we know that it is
built with a Merkle-Damgård structure derived from a one-way compression function
itself created with the Davies-Meyer structure from a specialized block cipher.
Three properties make SHA-256 this secure. First, it is almost impossible to reconstruct the
initial data from the hash value. A brute-force attack would need to make
2^256 attempts to generate the initial data. Second, having two messages with the same
hash value (called a collision) is extremely unlikely. With 2^256 possible hash values (more
than the number of atoms in the known universe), the likelihood of two being the
same is infinitesimally, unimaginably small. Finally, a minor change to the original data
alters the hash value so much that it’s not apparent the new hash value is derived
from similar data; this is known as the avalanche effect.
You can divide the whole process into five different segments, as mentioned below.
PADDING BITS
It adds some extra bits to the message, such that the length is exactly 64 bits
short of a multiple of 512. During the addition, the first bit should be one, and the
rest of it should be filled with zeroes.
PADDING LENGTH
You can add 64 bits of data now to make the final plaintext a multiple
of 512. You can calculate these 64 bits of characters by applying the
modulus to your original cleartext without the padding.
You also need to store 64 different keys in an array, ranging from K[0] to K[63]. They are
initialized as follows:
COMPRESSION FUNCTIONS
The entire message gets broken down into multiple blocks of 512 bits each. It
puts each block through 64 rounds of operation, with the output of each block
serving as the input for the following block. The entire process is as follows:
While the value of K[i] in all these rounds is pre-initialized, W[i] is another input that is
calculated individually for each block, depending on the number of iterations being
processed at the moment.
OUTPUT
With each iteration, the final output of the block serves as the input for the
next block. The entire cycle keeps repeating until you reach the last 512-bit
block, and you then consider its output the final hash digest. This digest will be
256 bits long, as per the name of this algorithm.
With the SHA 256 algorithm being implemented thoroughly since the early 90s, there
are specific applications that you can look into.
These SHA algorithms are widely used in security protocols and applications, including
ones such as TLS, PGP, SSL, IPsec, and S/MIME. They also find their
place in the majority of cryptanalytic techniques and coding standards, which is
primarily aimed to see the functioning and working of majorly all governmental as well
as private organizations and institutions. Major giants today such as Google,
Microsoft, or Mozilla have started to recommend the use of SHA-3 and stop the
usage of the SHA-1 algorithm.
SUMMARY