SECURE HASH

ALGORITHM
A SEARIES OF SHA…
Secure Hash Algorithm
 SHA originally designed by NIST & NSA in
1993
 was revised in 1995 as SHA-1
 based on design of MD5 with key
differences
 produces 160-bit hash values
 2005 results on security of SHA-1 have
raised concerns on its use in future
applications
How SHA Works?
 Digest Length=160 bit
 I/P Text=512 bit
 Sub Block size=32bit
 512/32=16 total Sub blocks
 No. Of Rounds=4
 Iteration per round=20
 Chaining Variable = 5*32=160
 K[t] constant= Where t=0 to 79
 O/P-> five 32 bit blocks
 SHA Overview
1. Padding: Length of the message is 64 bits
short of multiple of 512 after padding.
2. Append a 64-bit length value of original
message is taken.
3. Divide the input into 512-bit blocks
4. Initialise CV 5-word (160-bit) buffer
(A,B,C,D,E) to
(A=01 23 45 67,
B=89 AB CD EF,
C=FE DC BA 98,
D=76 54 32 10,
 Continue…
5. Process Blocks now the actual algorithm
begins. message in 16-word (512-bit)
chunks:
 Copy CV into single register for storing temporary
intermediate as well as the final results.
 Divide the current 512-bit blocks into 16 sub-blocks,
each consisting of 32 bits.
 Has No. Of Rounds=4, each round consisting of 20 bit
/step iteration operations on message block &
buffer
 expand 16 words into 80 words(20*4) by mixing &
shifting.
 K[t] is constant= Where t=0 to 79
 Form new buffer value by adding output to input.
6. output hash value is the final buffer value
SHA-1 Compression Function

ABCDE=(F[t]+E+S5(A)+W[t]+K[t]),>>>Shift right by 1 bit for next iteration

SHA-1 Compression
Function terms
 each round has 20 steps which replaces the
5 buffer words thus:
(A,B,C,D,E) <-(E+f(t,B,C,D)+(A<<5)+Wt+Kt),A,
(B<<30),C,D)
 ABCDE refer to the 5 words of the buffer
 t is the step number
 f(t,B,C,D) is nonlinear function for round

Wt is derived from the message block

Kt is a constant value
 S^t circular left shift of 32 bit sub-block by t
bits
 Process F(t) in each SHA-1 round

 where g can be expressed as:

ROUND 1: (b AND c) OR ((NOT b) AND (d)) same

as MD5

ROUND 2: b XOR c XOR d

ROUND 3: (b AND c) OR (b AND d) OR (c AND d)

ROUND 4: b XOR c XOR d

Creation of 80-word input
Wt
 Adds redundancy and interdependence among
message blocks
SHA-1 verses MD5
 brute force attack is harder (160 vs 128
bits for MD5)
 not vulnerable to any known attacks
(compared to MD4/5)
 a little slower than MD5 (80 vs 64 steps)
 both designed as simple and compact
 Revised Secure Hash
Standard
 NIST issued revision FIPS 180-2 in 2002
 adds 3 additional versions of SHA
 SHA-256, SHA-384, SHA-512
 Different lengths of Message Digest in bits
 designed for compatibility with increased
security provided by the AES cipher
 structure & detail is similar to SHA-1
 hence analysis should be similar
 but security levels are rather higher
1. Padding,2.Append Length,3.Divide the
input into 1024- bit blocks
4.Initialization Of Chaining
Variable
 8*64= 512 bits
 A,B,C,D,E,F,G,H
5.Process Blocks
 heart of the algorithm
 processing message in 1024-bit blocks
 consists of 80 rounds
 updating a 512-bit buffer TEMP CHAINING
VARIABLES.
 using a 64-bit value Wt derived from the
current message block
 and a round constant based on cube root of
first 80 prime numbers
SHA-512 Round Function
SHA-512 Round Function
 Let us look in more detail at the logic in each of the 80
steps of the processing of one 512-bit block (Figure). Each
round is defined by the following set of equations:
 SHA-512 Round Function
 where
 t =step/round number; 0 t 79
 Ch(e, f, g)= (e AND f) XOR (NOT e AND g)
the conditional function: If e then f else g
 Maj(a, b,c)= (a AND b) XOR (a AND c) XOR (b AND c)
the function is true only of the majority (two or three) of the
arguments are true.
 Sum (ai)= RORT (ai By 28 Bit) XOR RORT (ai By 34 Bit) XOR
RORT (ai By 39 Bit)
 Sum (ei)= RORT (ei By 14 Bit) XOR RORT (ei By 18 Bit) XOR

RORT (ei By 41 Bit)

 ROTRn(x) = circular right shift (rotation) of the 64-bit
argument x by n bits
 Wt = a 64-bit word derived from the current 512-bit input block
(i.e:- Message Digest)
 Kt = a 64-bit additive constant

SHA-512 Round Function