CRYPTOGRAPHY AND NETWORK SECURITY

Presentation on

SECURE HASH ALGORITHM (SHA-256) USING

PYTHON

BY
D . S A I K U M A R - 1 D S 1 8 E C 11 6
S . R E D D Y T H R I N AT H - 1 D S 1 8 E C 1 4 0
S. SRI HARSHA PHANI - 1DS18EC151
 Introduction
The SHA-256 algorithm is one flavour of SHA-2(Secured Hash Algorithm 2) which was created by the
National Security Agency in 2001 as a successor to SHA-1. SHA-256 is a patented cryptographic hash
function that outputs a value that is 256 bits long.

The SHA-256 is a developed by the NSA & NIST joint development and has a multiple families such as
SHA-0,SHA-1,SHA-2 & SHA-3.

The significance of the 256 in the name stands for the final hash digest value, i.e. irrespective of the size of
plaintext/clear text, the hash value will always be 256 bits. The other algorithms in the SHA family are
more or less similar to SHA 256.

SHA-256, or Secure Hash Algorithm 256, is a hashing algorithm used to convert text of any length into a
fixed-size string of 256 bits (32 bytes).

SHA256 is irreversible as it is a hashing function, not an encryption function. Secondly, since SHA256 is
not an encryption function, it cannot be decrypted.
 Difference between hashing and encryption
Hashing
 Hashing involves the conversion of plain text
into a hash or digest. A digest cannot be
reversed into the original message.
 Protect with integrity.
 No key can be used for unlocking.
 One way channel.
 Relatively light.
 It is used in Major Linux distributions, gives
an MD5 hash for the downloads to verify that
the  file was not corrupted during transmission.
Encryption
 Encryption is the process of converting plain
text into cipher text by using algorithms. The
encrypted message can only be read by
knowing the encryption key.
 Protect with confidentiality.
 Requires key for unlocking.
 Two way channel.
 Relatively heavier.
 Skype to skype voice ,video, file transfer and
instant messages are encrypted.
 SHA Characteristics

• Message Length: The length of the cleartext should be less than 264 bits. The size needs to be in the
comparison area to keep the digest as random as possible.

• Digest Length: The length of the hash digest should be 256 bits in SHA 256 algorithm, 512 bits in SHA-
512, and so on. Bigger digests usually suggest significantly more calculations at the cost of speed and
space.

• Irreversible: By design, all hash functions such as the SHA 256 are irreversible. We should neither get a
plaintext when we have the digest beforehand nor should the digest provide its original value when we
pass it through the hash function again.
 Steps in SHA 256 algorithm
Padding Bits
It adds some extra bits to the message, such that the length is exactly 64 bits short of a multiple
of 512. During the addition, the first bit should be one, and the rest of it should be filled with
zeroes.

Padding Length
We can add 64 bits of data now to make the final plaintext a multiple of 512. We can calculate
these 64 bits of characters by applying the modulus to our original cleartext without the padding.
Initializing the buffers
We need to initialize the default values for eight buffers to be used in the rounds as follows (first 32 bits of the fractional parts of the
square roots of the first 8 primes 2..19) :

We also need to store 64 different keys in an array, ranging from K[0] to K[63]. They are initialized as follows (first 32 bits of the
fractional parts of the cube roots of the first 64 primes 2..311) :
Compression functions

The entire message gets broken down into multiple

blocks of 512 bits each. It puts each block through
64 rounds of operation, with the output of each
block serving as the input for the following block.
The entire process is as follows:

while the value of K[i] in all those rounds is pre-initialized, W[i] is another input that is calculated individually for
each block, depending on the number of iterations being processed at the moment.
Illustration of each round
 OUTPUT
 With each iteration, the final output of the block serves as the input for the next block. The entire cycle
keeps repeating until we reach the last 512-bit block, and we then consider its output as the final hash digest.
This digest will be of the length 256-bit, as per the name of this algorithm.
 With the SHA 256 algorithm being implemented thoroughly since the early 90s, there are specific
applications that we can look into.
 Applications
Digital Signature Verification: Digital signatures follow asymmetric encryption methodology to verify the
authenticity of a document/file. Hash algorithms like SHA 256 go a long way in ensuring the verification of
the signature.
Password Hashing: As discussed above, websites store user passwords in a hashed format for two benefits. It
helps foster a sense of privacy, and it lessens the load on the central database since all the digests are of similar
size.
SSL Handshake: The SSL handshake is a crucial segment of the web browsing sessions, and it’s done using
SHA functions. It consists of your web browsers and the web servers agreeing on encryption keys and hashing
authentication to prepare a secure connection.
Integrity Checks: As discussed above, verifying file integrity has been using variants like SHA 256 algorithm
and the MD5 algorithm. It helps maintain the full value functionality of files and makes sure they were not
altered in transit.
THANK YOU