1 / 25

Hashing: SHA256 Tayler Angevine Bachelor of Arts Dr. Ken Blaha 3/13/2014

Hashing: SHA256 Tayler Angevine Bachelor of Arts Dr. Ken Blaha 3/13/2014. Introduction. Review the hash function SHA-256 Goal: understand how SHA-256 computes it’s hash. Why have I decided to focus on Sha-256 algorithms ? Battle tested Considered to be some of the “safest” algorithms

mvillarreal
Télécharger la présentation

Hashing: SHA256 Tayler Angevine Bachelor of Arts Dr. Ken Blaha 3/13/2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hashing: SHA256Tayler AngevineBachelor of ArtsDr. Ken Blaha3/13/2014

  2. Introduction • Review the hash function SHA-256 • Goal: understand how SHA-256 computes it’s hash. • Why have I decided to focus on Sha-256algorithms? • Battle tested • Considered to be some of the “safest” algorithms • Bitcoin is based around SHA-256. • The way the algorithm is implemented using MessageDigest left a lot of unknowns. • Was under the impression that I would need to code the algorithm.

  3. More intro • Named after it’s digest length. • Will not focus on • SHA-1 because it has been “broken” • Would rather focus on today’s standard rather than the past. • SHA-384 and SHA-512 because they are essentially the same. • Why go over the code? • I believe it is necessary to understand the code of an algorithm in order to recognize it’s weaknesses or it’s strengths.

  4. What is a hash? • Hash function takes a string of any length, and generates fixed-length output data. • It is not reversible. • Because you are taking a string and basically dividing it. • Therefore, you are losing information. • If you have lost information about the original input, then it is nearly impossible to reverse the hash.

  5. What makes a good hash? • Same input will always lead to the same output. • Avoids collision attacks

  6. A little information… • Sha 256 is more safe from collision attacks than other algorithms. • MD5 = 128 byte output, 64 bits of security • SHA-1 = 160 byte output, 80 bits of security. • SHA 256 = 256 byte output, 128 bits of security • What are collision attacks? • Find two input strings that produce the same hash. • “abc” • “aiieagnea;[sagjeiao;iaeohgao;ejagea” • Hash functions can have infinite input length, but a fixed output.

  7. How does it work? • Padding aka Preprocessing • Block decomposition • Hash Algorithm

  8. Preprocessing • Message (M) is l bits long. • Append message with a 1 • Followed by n zero bits. N is smallest, non-negative solution to the equation. • L + 1 + n = 448 mod 512 • This leaves enough room to append what we have so far with a 64-bit block that equals our message represented in binary. • Message = “abc” • 24 + 1 + N = 448.  N = 423 zero bits

  9. Notation • Algorithm uses AND, XOR, OR, Circular Right Shift, and Logical Right Shifts in order to compute the hash.

  10. AND Produces 1 if both p and q are 1’s.

  11. OR Produces 1 if p or q are 1

  12. XOR Produces 1 if p or q is 1, but not both.

  13. Circular Shift Right ShR(variable, number) • variable: a,b,c,d,e,f,g,h • Number: amount of shift.

  14. Logical Right ShiftRotR(variable, number) • Variable: a,b,c,d,e,f,g,h. • Number: amount of shifts

  15. Equations

  16. Where it starts to get complicated. • Generally H1– H8 are set to the first 32 bits of the fractional parts of the square roots of the first eight primes.

  17. Example • Square root of 2 = 1.414213562373095048801 • Fractional part = 0.41421356237309504. • Hexadecimal = 6A09E667.

  18. Where does our password come into play? • Or original password was padded to 512 bytes. Which is 16 words. • A 64 word array is created we will refer to as W • W0 – W15 are initialized to our padded password. • The rest (W16 – W63) are set to a value determined by this function • J is just the counter in a for loop.

  19. Algorithm Computation(executed 64 times)

  20. A – H are initialized with H1– H8

  21. Last Step • Take your original and H1– H8 add a – h to them.

  22. Issues • Putting together a puzzle • Some things are difficult to find answers to.

  23. Sources • Algorithm • http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf • http://www-ma2.upc.es/~cripto/Q2-06-07/SHA256english.pdf • Actual Implementation • http://www.cs.mcgill.ca/~zcao7/mutls/release/llvm-gcc-4.2-2.9.source/libjava/classpath/gnu/java/security/hash/Sha256.java • http://www.vipan.com/htdocs/bitwisehelp.html • Various Information • wikipedia.org/ • http://www.makeuseof.com/tag/md5-hash-stuff-means-technology-explained/

  24. More Sources • Various Information • http://crypto.stackexchange.com/questions/8636/what-does-message-schedule-mean-in-sha-256 • http://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html • Converting bytes to a string • http://www.mkyong.com/java/how-do-convert-byte-array-to-string-in-java/ • Hash Calculator • http://www.xorbin.com/tools/sha256-hash-calculator

  25. QUESTIONS?

More Related