Secure Hash Algorithm (SHA)
Secure Hash Algorithm (SHA) is a family of cryptographic hashing algorithms created to address possible weaknesses in MDA.
- published by NSA
- is a NIST standard
- SHA-0, SHA-1, SHA-2, and SHA-3
- current version is SHA-2
- considered the strongest algorithm
- variants that produce different-sized outputs
- longer digests considered more secure
- most popular variant is SHA256, which produces a 256-bit digest
- SHA-0 and SHA-1 are no longer used due to collision vulnerabilities
- SHA-2 and SHA-3 offer the same hash lengths and security strength levels
- most important security characteristic is the message digest size
Characteristics of SHA Algorithms
|Algorithm|Message size (bits)|Block size (bits)|Message digest (bits)|Number of rounds|
|---|---|---|---|---|
|SHA-1||512|160|80|
|SHA-224||512|224|64|
|SHA-256||512|256|64|
|SHA-384||1024|384|80|
|SHA-512||1024|512|80|
|SHA-512/224||1024|224|80|
|SHA-512/256||1024|256|80|
|SHA3-224|No limit*|1152**|224|24|
|SHA3-256|No limit|1088|256|24|
|SHA3-384|No limit|832|384|24|
|SHA3-512|No limit|576|512|24|
* SHA-3 standard does not fix any bound on the message size
** SHA-3 transformation functions manipulate blocks with a fixed length of 1600 bits divided into two parts…
SHA-1 and SHA-2
- SHA-1 was first published in 1995
- The last revisions of SHA-1 and SHA-2 were published in 2012 as the Secure Hash Standard (SHS)
- includes SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
- principles common to all SHA-1 and SHA-2 variants:
- input and output
- input is a bit string of arbitrary size, but the max message size is fixed
- produces hashes with fixed length
- data representation
- message padding
- padding is used to ensure that the bit-length of the padded message is a multiple of block size
- Bit operations used:
- uses (and), (or), (exclusive or), and (complement)
- logical functions and constants
- make use of logical functions and constants to brew the blocks
- similar to the MD5 hash function, which was found to be vulnerable
- thus prompted the search for SHA-3
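The message padding and fixed maximum message size listed above, as an added Python example (not part of the original notes; the function and constant names are illustrative). It follows the padding rule of FIPS 180-4: a single 1 bit, zero bits, then the message bit length in a 64-bit field for the 512-bit-block variants or a 128-bit field for the 1024-bit-block variants.

```python
# Added example: FIPS 180-4 padding for the SHA-1/SHA-2 family.
# Names (PARAMS, padding, pad, block_count) are illustrative.

# algorithm -> (block size in bytes, length-field size in bytes)
PARAMS = {
    "SHA-1": (64, 8), "SHA-224": (64, 8), "SHA-256": (64, 8),
    "SHA-384": (128, 16), "SHA-512": (128, 16),
    "SHA-512/224": (128, 16), "SHA-512/256": (128, 16),
}

def padding(msg_len: int, algorithm: str) -> bytes:
    """Padding bytes for a message of msg_len bytes (depends only on length)."""
    block, len_field = PARAMS[algorithm]
    bit_len = msg_len * 8
    # The bit length must fit the fixed-width length field; this is what
    # fixes the maximum message size (below 2^64 or 2^128 bits).
    if bit_len >= 1 << (len_field * 8):
        raise ValueError(f"message too long for {algorithm}")
    # 0x80 is the mandatory '1' bit plus seven '0' bits; then enough zero
    # bytes so that message + padding ends exactly on a block boundary.
    zeros = -(msg_len + 1 + len_field) % block
    return b"\x80" + b"\x00" * zeros + bit_len.to_bytes(len_field, "big")

def pad(message: bytes, algorithm: str) -> bytes:
    """Return the message with its padding appended."""
    return message + padding(len(message), algorithm)

def block_count(msg_len: int, algorithm: str) -> int:
    """Number of blocks the compression function will process."""
    block = PARAMS[algorithm][0]
    return (msg_len + len(padding(msg_len, algorithm))) // block

if __name__ == "__main__":
    # Constructed sample lengths around the one-block/two-block boundary.
    for alg, lengths in (("SHA-256", (0, 3, 55, 56, 64)),
                         ("SHA-512", (0, 3, 111, 112, 128))):
        for n in lengths:
            print(f"{alg}: {n:>3}-byte message -> {block_count(n, alg)} block(s)")
```

A 55-byte message still fits one SHA-256 block, while a 56-byte message spills into a second block because the 1 bit and the length field no longer fit.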
SHA-3
SHA-3 is a US government standard that was designed to replace the SHA-1 algorithm and the SHA-2 family of algorithms.
- selected as winner of the SHA-3 competition by NIST in 2007
- published in 2015
- based on an instance of the Keccak algorithm
- most other hash functions such as MD5 and SHA-1 are based on Merkle-Damgård
- the Merkle-Damgård construction has some potential weaknesses, such as the length extension attack
- same security strengths as SHA-2
- SHA-3 Family includes SHA3-224, SHA3-256, SHA3-384, and SHA3-512
- and two extendable-output functions (XOFs): SHAKE128 and SHAKE256
- are not hash functions
- can be specialized into hash functions
- block size is 1600 bits