HASHING: SHA256
Tayler Angevine, Bachelor of Arts
Dr. Ken Blaha
3/13/2014
INTRODUCTION
Review the hash function SHA-256
Goal: understand how SHA-256 computes its hash.
Why have I decided to focus on SHA-256 algorithms?
Battle tested.
Considered to be some of the “safest” algorithms.
Bitcoin is based around SHA-256.
The way the algorithm is implemented using MessageDigest left a lot of unknowns.
Was under the impression that I would need to code the algorithm.
MORE INTRO
Named after its digest length.
Will not focus on SHA-1 because it has been “broken”
Would rather focus on today’s standard rather than the past.
SHA-384 and SHA-512 because they are essentially the same.
Why go over the code?
I believe it is necessary to understand the code of an algorithm in order to recognize its weaknesses or its strengths.
WHAT IS A HASH?
A hash function takes a string of any length and generates fixed-length output data.
It is not reversible, because you are taking a string and basically dividing it. Therefore, you are losing information.
If you have lost information about the original input, then it is nearly impossible to reverse the hash.
WHAT MAKES A GOOD HASH?
Same input will always lead to the same output.
Avoids collision attacks
A LITTLE INFORMATION…
SHA-256 is safer from collision attacks than other algorithms.
MD5 = 128 byte output, 64 bits of security.
SHA-1 = 160 byte output, 80 bits of security.
SHA-256 = 256 byte output, 128 bits of security.
What are collision attacks?
Find two input strings that produce the same hash.
“abc” “aiieagnea;[sagjeiao;iaeohgao;ejagea”
Hash functions can have infinite input length, but a fixed output.
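Why the security figure on this slide is half the output length: with an n-bit digest, a collision is expected after roughly 2^(n/2) hashes (the birthday bound). The following added example (not part of the original presentation) measures this on SHA-256 truncated to a few bits; the function names and the input strings are constructed for illustration.

```python
import hashlib

def truncated_sha256(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256(data), as an integer."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)

def birthday_collision(bits: int):
    """Hash distinct inputs until two share a truncated digest.

    Returns (input_a, input_b, number_of_hashes_computed).
    """
    seen = {}  # truncated digest -> first input that produced it
    counter = 0
    while True:
        msg = b"constructed-input-%d" % counter  # constructed sample inputs
        tag = truncated_sha256(msg, bits)
        counter += 1
        if tag in seen:
            return seen[tag], msg, counter
        seen[tag] = msg

def summarize(bit_sizes=(16, 20, 24)):
    """For each digest size, report the work needed next to 2^(n/2)."""
    rows = []
    for bits in bit_sizes:
        a, b, tries = birthday_collision(bits)
        rows.append((bits, tries, 2 ** (bits // 2), a, b))
    return rows

if __name__ == "__main__":
    for bits, tries, bound, a, b in summarize():
        print(f"{bits}-bit digest: collision after {tries} hashes "
              f"(2^{bits // 2} = {bound}): {a!r} / {b!r}")
```

Each extra 2 bits of digest roughly doubles the work, which is why the full 256-bit output puts a generic collision search at about 2^128 hashes.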
HOW DOES IT WORK?
Padding aka Preprocessing
Block decomposition
Hash Algorithm
PREPROCESSING
Message (M) is l bits long.
Append the message with a 1, followed by n zero bits.
n is the smallest non-negative solution to the equation l + 1 + n ≡ 448 mod 512.
This leaves enough room to append what we have so far with a 64-bit block that equals our message represented in binary.
Message = “abc”: 24 + 1 + n = 448, so n = 423 zero bits.
NOTATION
Algorithm uses AND, XOR, OR, Circular Right Shift, and Logical Right Shifts in order to compute the hash.
AND
p q p AND q
1 1 1
1 0 0
0 1 0
0 0 0
Produces 1 if both p and q are 1’s.
OR
p q p OR q
1 1 1
1 0 1
0 1 1
0 0 0
Produces 1 if p or q are 1
XOR
p q p XOR q
1 1 0
1 0 1
0 1 1
0 0 0
Produces 1 if p or q is 1, but not both.
CIRCULAR SHIFT RIGHT SHR(VARIABLE, NUMBER)
Variable: a, b, c, d, e, f, g, h. Number: amount of shift.
LOGICAL RIGHT SHIFT ROTR(VARIABLE, NUMBER)
Variable: a,b,c,d,e,f,g,h. Number: amount of shifts
EQUATIONS
WHERE IT STARTS TO GET COMPLICATED.
Generally H1 – H8 are set to the first 32 bits of the fractional parts of the square roots of the first eight primes.
EXAMPLE
Square root of 2 = 1.414213562373095048801
Fractional part = 0.41421356237309504.
Hexadecimal = 6A09E667.
WHERE DOES OUR PASSWORD COME INTO PLAY?
Our original password was padded to 512 bytes, which is 16 words.
A 64-word array is created, which we will refer to as W.
W0 – W15 are initialized to our padded password.
The rest (W16 – W63) are set to a value determined by this function.
J is just the counter in a for loop.
ALGORITHM COMPUTATION(EXECUTED 64 TIMES)
A – H are initialized with H1 – H8
LAST STEP
Take your original H1 – H8 and add a – h to them.
ISSUES
Putting together a puzzle.
Some things are difficult to find answers to.
QUESTIONS?