Scribd
Upload
168 views

SHA 256 Algorithm

The document provides an overview of the SHA-256 hashing algorithm. It discusses how SHA-256 takes a message of any length and outputs a 256-bit hash value. The algorithm works by breaking the message into 512-bit blocks, padding the message as needed, and then processing each block through 64 rounds of compression to generate the output hash. It also describes how the message schedule expands each block to generate additional words used in the compression function rounds.

Uploaded by

Nayan Kadhre
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
168 views

SHA 256 Algorithm

The document provides an overview of the SHA-256 hashing algorithm. It discusses how SHA-256 takes a message of any length and outputs a 256-bit hash value. The algorithm works by breaking the message into 512-bit blocks, padding the message as needed, and then processing each block through 64 rounds of compression to generate the output hash. It also describes how the message schedule expands each block to generate additional words used in the compression function rounds.

Uploaded by

Nayan Kadhre
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 33

Blockchain Technology

Module 1

Message Digest
SHA 256

Dr. Rachana Y. Patil


Integrity
• Prevent (or at least detect) unauthorized modification
of data

• Encryption provides confidentiality (prevents


unauthorized disclosure)

• Encryption alone does not assure integrity


Message Integrity
• The cryptography systems that we have studied so far provide
secrecy, or confidentiality, but not integrity.

• One way to preserve the integrity of a document is through the use of


a fingerprint.

• If Alice needs to be sure that the contents of her document will not
be changed, she can put her fingerprint at the bottom of the
document.
Message and Message Digest
• The electronic equivalent of the document and fingerprint
pair is the message and digest pair.
Checking Integrity
Cryptographic Hash Function Criteria
A cryptographic hash function must satisfy three
criteria: preimage resistance, second preimage
resistance, and collision resistance.
Preimage Resistance
Second Preimage Resistance
Collision Resistance
Message Authentication

• A message digest does not authenticate the sender of the message.

• To provide message authentication, Alice needs to provide proof that


it is Alice sending the message and not an impostor.

• The digest created by a cryptographic hash function is normally called


a modification detection code (MDC).

• What we need for message authentication is a message


authentication code (MAC).
Modification Detection Code (MDC)
• A modification detection code (MDC) is a message digest that can prove
the integrity of the message: that message has not been changed.
• Alice can create a message digest, MDC, and send both the message and
the MDC to Bob.
• Bob can create a new MDC from the message and compare the received
MDC and the new MDC.
• If they are the same, the message has not been changed.
Modification detection code (MDC)
Message Authentication Code (MAC)
Usages of Cryptographic Hash
Functions
• Software integrity
• E.g., tripwire

• Timestamping
• How to prove that you have discovered a secret on an earlier date without
disclosing it?

• Covered later
• Message authentication
• One-time passwords
• Digital signature
Well Known Hash Functions
• MD5
• output 128 bits
• collision resistance completely broken by researchers in China in 2004

• SHA1
• output 160 bits
• no collision found yet, but method exist to find collisions in less than 2^80
• considered insecure for collision resistance
• one-wayness still holds

• SHA2 (SHA-224, SHA-256, SHA-384, SHA-512)


• outputs 224, 256, 384, and 512 bits, respectively
• No real security concerns yet
SHA 256 Overview
K bit
Message
Original Message length
64 bit
multiple of 512 bit bit

Original Message Padding

512 bit 512 bit 512 bit 512 bit 512 bit 512 bit

IV
256 bit
SHA
256
SHA
256
. . . . . 256 bit SHA
256
h0 := 0x6a09e667
h1 := 0xbb67ae85
h2 := 0x3c6ef372
h3 := 0xa54ff53a
h4 := 0x510e527f
h5 := 0x9b05688c
h6 := 0x1f83d9ab
h7 := 0x5be0cd19
256 bit

Message Digest
MD5 Overview
K bit

Original Message
Message
length
64 bit
multiple of 512 bit bit

Original Message Padding

multiple of 512 bit bit

Original Message Padding Message


length
64 bit

512 bit 512 bit 512 bit 512 bit 512 bit 448 bit

512 bit
SHA 256 Algorithm
• Message is processed in 512 -bit blocks sequentially, just like SHA-1
• Message digest is 256 bits instead of SHA-1’s 160 -bits
• 64 rounds instead of 80 rounds of compression
• Algorithm structure same as SHA-1 –
• Step 1: Padding bits –
• Step 2: Appending length as 64 bit unsigned –
• Step 3: Buffer initiation –
• Step 4: Processing of message –
• Step 5: Output
SHA-256 Algorithm
• Step 3-Buffer initiation: Eight 32 -bit words instead of five in
SHA-1
• H 0 = 0 x 6 a 09 e 667
• H 1 = 0 xbb 67 ae 85
• H 2 = 0 x 3 c 6 ef 372
• H 3 = 0 xa 54 ff 53 a
• H 4 = 0 x 510 e 527 f
• H 5 = 0 x 9 b 05688 c
• H 6 = 0 x 1 f 83 d 9 ab
• H 7 = 0 x 5 be 0 cd 19
Message Schedule
Add 48 more words initialized to zero, such
that we have an array w[0…63]
This leaves us with 64
words in our message
schedule (w):
• Modify the zero-ed indexes at the end of the array using the following
algorithm:
• For i from w[16…63]:
• s0 = (w[i-15] rightrotate 7) xor (w[i-15] rightrotate 18) xor (w[i-15] rightshift 3)
• s1 = (w[i- 2] rightrotate 17) xor (w[i- 2] rightrotate 19) xor (w[i- 2] rightshift 10)
• w[i] = w[i-16] + s0 + w[i-7] + s1
Let’s do w[16] so we can see how it works:
w[1] rightrotate 7: 01101111001000000111011101101111 -> 11011110110111100100000011101110
w[1] rightrotate 18: 01101111001000000111011101101111 -> 00011101110110111101101111001000
w[1] rightshift 3: 01101111001000000111011101101111 -> 00001101111001000000111011101101
s0 = 11011110110111100100000011101110 XOR 00011101110110111101101111001000 XOR 00001101111001000000111011101101
s0 = 11001110111000011001010111001011

w[14] rightrotate 17: 00000000000000000000000000000000 -> 00000000000000000000000000000000


w[14] rightrotate19: 00000000000000000000000000000000 -> 00000000000000000000000000000000
w[14] rightshift 10: 00000000000000000000000000000000 -> 00000000000000000000000000000000
s1 = 00000000000000000000000000000000 XOR 00000000000000000000000000000000 XOR 00000000000000000000000000000000
s1 = 00000000000000000000000000000000

w[16] = w[0] + s0 + w[9] + s1 w[16] = 01101000011001010110110001101100 + 11001110111000011001010111001011


+ 00000000000000000000000000000000 + 00000000000000000000000000000000
// addition is calculated modulo 2^32

w[16] = 00110111010001110000001000110111
Step 6 - Compression

https://blog.boot.dev/cryptography/how-sha-2-works-step-by-step-sha-256/

You might also like