DR. B. R.

AMBEDKAR
NATIONAL INSTITUTE OF TECHNOLOGY-
JALANDHAR
Department Of Computer Science and Engineering

Information Security Lab

Subject Code: CSPC 327
B.Tech CSE - Semester 5th
Section: A

Submitted to: Submitted by:

Er. D.K. Gupta Anshuman Kumar
Associate Professor 20103026(G1)
 ASSIGNMENT-03

Discuss the characteristics and working of Following algorithms

MD5

SHA

MD5

MD5 message-digest algorithm is the 5th version of the Message-Digest Algorithm developed by Ron
Rivest to produce a 128-bit message digest. MD5 is quite fast than other versions of the message
digest, which takes the plain text of 512-bit blocks, which is further divided into 16 blocks, each of 32
bit and produces the 128bit message digest, which is a set of four blocks, each of 32 bits. MD5
produces the message digest through five steps, i.e. padding, append length, dividing the input into
512-bit blocks, initialising chaining variables a process blocks and 4 rounds, and using different
constant it in each iteration. Working of the MD5 Algorithm:

MD5 algorithm follows the following steps

1. Append Padding Bits: In the first step, we add padding bits in the original message in
such a way that the total length of the message is 64 bits less than the exact multiple of 512.

Suppose we are given a message of 1000 bits. Now we have to add padding bits to the original
message. Here we will add 472 padding bits to the original message. After adding the padding bits
the size of the original message/output of the first step will be 1472 i.e. 64 bits less than an exact
multiple of 512 (i.e. 512*3 = 1536).
Length(original message + padding bits) = 512 * i – 64 where i = 1,2,3 . .

2. Append Length Bits: In this step, we add the length bit in the output of the first step in
such a way that the total number of the bits is the perfect multiple of 512.
Simply, here we add the 64-bit as a length bit in the output of the first step. i.e. output
of first step = 512 * n – 64 length bits = 64.
After adding both we will get 512 * n i.e. the exact multiple of 512.

3. Initialize MD buffer: Here, we use the 4 buffers i.e. J, K, L, and M. The size of each buffer
is 32 bits.
- J = 0x67425301
- K = 0xEDFCBA45
- L = 0x98CBADFE
- M = 0x13DCE476
4. Process Each 512-bit Block: This is the most important step of the MD5 algorithm.
Here, a total of 64 operations are performed in 4 rounds. In the 1st round, 16 operations will be
performed, 2nd round 16 operations will be performed, 3rd round 16 operations will be performed,
and in the 4th round, 16 operations will be performed. We apply a different function on each round
i.e. for the 1st round we apply the F function, for the 2nd G function, 3rd for the H function, and 4th
for the I function.
We perform OR, AND, XOR, and NOT (basically these are logic gates) for calculating functions. We
use 3 buffers for each function i.e. K, L, M.

- F(K,L,M) = (K AND L) OR (NOT K AND M)

- G(K,L,M) = (K AND L) OR (L AND NOT M)
- H(K,L,M) = K XOR L XOR M
- I(K,L,M) = L XOR (K OR NOT M)

After applying the function now we perform an operation on each block. For performing operations
we need

• add modulo 232 • M[i] – 32 bit message.

• K[i] – 32 bit constant.
• <<<n – Left shift by n bits.

Now take input as initialize MD buffer i.e. J, K, L, M. Output of K will be fed in L, L will be fed into M,
and M will be fed into J. After doing this now we perform some operations to find the output for J.

• In the first step, Outputs of K, L, and M are taken and then the function F is applied to
them. We will add modulo 232 bits for the output of this with J.
• In a second step, we add the M[i] bit message with the output of the first step.
• Then add 32 bits constant i.e. K[i] to the output of the second step.
• At last, we do left shift operation by n (can be any value of n) and addition modulo by
232.

After all steps, the result of J will be fed into K. Now same steps will be used for all functions G, H,
and I. After performing all 64 operations we will get our message digest.

Application Of MD5 Algorithm:

• We use message digest to verify the integrity of files/ authenticates files.

• MD5 was used for data security and encryption.
• It is used to Digest the message of any size and also used for Password verification.
• For Game Boards and Graphics.
Advantages of MD5 Algorithm: • MD5 is faster and

simple to understand.

• MD5 algorithm generates a strong password in 16 bytes format. All developers like web
developers etc use the MD5 algorithm to secure the password of users.
• To integrate the MD5 algorithm, relatively low memory is necessary.
• It is very easy and faster to generate a digest message of the original message.

Disadvantages of MD5 Algorithm:

• MD5 generates the same hash function for different inputs.

• MD5 provides poor security over SHA1.
• MD5 has been considered an insecure algorithm. So now we are using SHA256 instead
of MD5
• MD5 is neither a symmetric nor asymmetric algorithm.
SHA

SHA algorithm is Secure Hash algorithm developed by the National Institute of

Standards and Technology along with NSA, previously released as a Federal Information Processing
Standard, later in 1995, it was named as SHA algorithm, design to modify the MD4, in other words,
we can say that the SHA algorithm is the modified version of MD4. SHA is designed to obtain the
original message, given its message digest, and find the message producing the same message.

In the field of cryptography and crypt analytics, the SHA-1 algorithm is a cryptformatted hash
function that is used to take a smaller input and produces a string that is 160 bits, also known as 20-
byte hash value long. The hash value therefore generated, is known as a message digest which is
typically rendered and produced as a hexadecimal number which is specifically 40 digits long.

Characteristics

• The cryptographic hash functions are utilized and used to keep and store the secured form

of data by providing three different kinds of characteristics such as pre-image resistance,

which is also known as the first level of image resistance, the second level of pre-image

resistance and collision resistance.

• The cornerstone lies in the fact that the pre-image crypt resistance technique makes it hard

and more time consuming for the hacker or the attacker to find the original intended

message by providing the respective hash value.

• The security, therefore, is provided by the nature of a one way that has a function that is

mostly the key component of the SHA algorithm. The preimage resistance is important to

clear off brute force attacks from a set of huge and powerful machines.

• Similarly, the second resistance technique is applied where the attacker has to go through a

hard time decoding the next error message even when the first level of the message has

been decrypted. The last and most difficult to crack is the collision resistance, making it

extremely hard for the attacker to find two completely different messages which hash to

the same hash value.

• Therefore, the ratio to the number of inputs and the outputs should be similar in fashion to

comply with the pigeonhole principle. The collision resistance implies that finding two
 different sets of inputs that hash to the same hash is extremely difficult and therefore

marks its safety.

Types of SHA

1. SHA-0
It is a retronym that is applied to the basic version of the year-old 160 bit or 20-byte long hash
function, which was published back in 1993 with the name of the SHA algorithm. It was withdrawn
very shortly after it was published due to a major flaw, and therefore SHA-1 came into the picture.

2. SHA-1
It is a 160 bit or a 20-byte long hash-based function-based encryption mechanism that is used to
resemble the year-old MD5 algorithm. The particular algorithm was designed and developed by the
NSA, i.e. the National Security Agency and was supposed to be part of the critical component-
Digital Signature Algorithm (DSA). The weaknesses related to the cryptographic techniques were
found in SHA-1; the encryption standard was later on discarded and was not much put to use.

3. SHA-2
This forms a family of 2 identical hash functions, which consist of differently sized block sizes which
are known to be SHA-512 and SHA-256, which differ mainly in the word size. The former consists of
the word value range of 32 words, whereas the latter consists of the 64-bit word value. The
truncated versions of these values include SHA-224, SHA-384 and SHA-512 and SHA-224 or SHA-
256.
4. SHA-3
This is the encryption technique being used mainly today, which makes use of the

hash function named Keccak. The length supported is the same as that of SHA-2.

Still, the majority of the difference lies in the fact that this one is structurally different

as it is based on a wide range of random function generation, which typically

supports all random permutations and thereby allowing inputting or absorbing, as it

is called, any amount of data presented and outputting or squeezing the presented

data. While doing all this, this acts as a pseudorandom function for all the inputs

provided, which therefore leads to greater flexibility.

Uses of SHA Algorithm

These SHA algorithms are widely used in security protocols and applications, including the ones
such as TLS, PGP, SSL, IPsec, and S/MiME. These also find their place in all the majority of
cryptanalytic techniques and coding standards which is mainly aimed to see the functioning and
working of majorly all governmental as well as private organizations and institutions. Major giants
today such as Google, Microsoft, or Mozilla have started to recommend the use of SHA-3 and stop
the usage of the SHA-1 algorithm.
3