Secure Hash Algorithm

Secure hash algorithm

Secure Hash Algorithm Ahmed Habeeb University of Mansoura


Abstract

In today’s world every person relies on internet for various purposes. There is always a need to take appropriate measures for getting secure communication all the way throughout this unsecure internet. A secure hash algorithm is a set of algorithms developed by the National Institutes of Standards and Technology (NIST) and other government and private parties. These secure encryptions or "file check" functions have arisen to meet some of the top cybersecurity challenges of the 21st century, as many public service groups work with federal government agencies to provide better online security standards for organizations and the public. According to one embodiment, a processor includes an instruction decoder to receive a first instruction to process a SHA1 hash algorithm, the first instruction having a first operand, a second operand, and a third operand, the first operand specifying a first storage location storing four SHA states, the second operand specifying a second storage location storing a plurality of SHA1 message inputs in combination with a fifth SHA1 state. The processor further includes an execution unit coupled to the instruction decoder, in response to the first instruction, to perform at least four rounds of the SHA1 round operations on the SHA1 states and the message inputs obtained from the first and second operands, using a combinational logic function specified in the third operand.


Introductio n

Introduction

According to SHA-1 standard, a message digest is evaluated utilizing padded message. The evaluation utilizes two buffers, each comprises of five 32-bit words and a sequence of eighty 32-bit words. The words of the first fiveword buffer are labeled as A, B, C, D and E. The words of the second fiveword buffer are labeled as H0, H1, H2, H3 and H4. The words of the eightyword sequence are labeled as W0, W1, W2 to W79. SHA1 operates blocks of 512 bits, when evaluating a message digest. The entire extent lengthwise of message digest shall be multiple of 512. A novel architecture of SHA-1 for enhanced throughput and decreased area, in which at the same time diverse acceleration techniques are exerted like pre-computation, loop unfolding and pipelining. Hash function requires a set of operations that an input of diversifying length and create a stable length string which is known as the hash value or message digest.

Review of Literature


Review of Literature How to work: SHA-1 hash architecture has been occupied utilizing Visual Hardware Description Language (VHDL) and executed in Xilinx 13.2. It utilizes transformed Carry Save Adder to achieve enhanced throughput and decreased area. The recommended pipelined architecture has achieved a throughput of 8.6 Gbps and 1230 slices, with the integration of diverse acceleration techniques. When compared with prior work, it has been observed that the recommended execution shows 17% improved throughput as well as 25% additional dense architecture. Loop unfolding is a technique which exploits the combinational logic to execute several rounds in only one clock cycle. Pipelining is a technique in which the architecture is break into ‘n’ number of steps in which independent estimations are executed. Precomputation technique is utilized to produce definite intermediate signals of the critical path and reserve them in a register, which can be utilized in the computation of values of next step. For a message possessing a maximum length of 264, SHA-1 constructs a 160-bit message digest. Methodology: 160-bit dedicated hash function is incorporated in SHA-1 originate in the design principle of MD4, which is an algorithm utilized to certify data integrity through the formation of a 128-bit message digest from data input that is declared to be as distinctive to that data as a fingerprint is to the individual. It implements the Merkle-Dagmar paradigm to a dedicated compression function. The input message is padded and break into ‘k’ 512-bit message blocks.



At every iteration of the compression function ‘h’, a 160-bit chaining variable Ht is upgraded utilizing one message block Mt+1, that is Ht+1 = h (Ht, Mt+1). The beginning value H0 is established in advance and Hk is the out-turn of the hash function. SHA-1 compression function is constructed upon the Davis Meyer construction. It utilizes a function ‘E’ as a block cipher with Ht for the message input and Mt+1 for the key input. Architecture: To generate the final output, SHA-1 core block occupies 80 clock cycles. The value of all the other chaining variables appears sooner than at variable. It means that the computation of value of at variable creates the critical path. The critical path includes delay of additions and non-linear function. This delay should be minimized to enhance the comprehensive performance, since the addition operation of critical path influences the delay of the SHA-1 algorithm. Diverse categories of adders are available. Carry Save Adder (CSA) is the high-speed multi-operand adder which can execute parallel addition of three operand simultaneously. It has a distinct path of sum and carry to reduce the delay. Output carry of every bit addition is secured in the present step and then it is provided in the upcoming step for addition, rather of carry propagation to the upcoming high-level significant bit. A carry look ahead adder is utilized in the place of Ripple carry adder in the last stage, to enhance the speed of carry save adder. Implementations: The secure hash algorithms specified herein may be implemented in software, firmware, hardware or any combination thereof. Only algorithm implementations that are validated by NIST will be considered as complying with this standard.



Export control: Certain cryptographic devices and technical data regarding them are subject to Federal export controls. Exports of cryptographic modules implementing this standard and technical data regarding them must comply with these Federal regulations and be licensed by the Bureau of Export Administration of the U.S. Department of Commerce. SHA usage: A common application of SHA is to encrypting passwords, as the server side only needs to keep track of specific user’s hash value, rather than the actual password. This is helpful in case an attacker hacks the database, as they will only find the hashed functions and not the actual passwords, so if they were to input the hashed value as a password, the hash function will convert it into another string and subsequently deny access. Additionally, SHA exhibit the avalanche effect, where the modification of very few letters being encrypted cause a big change in output; or conversely, drastically different strings produce similar hash values. This effect causes hash values to not give any information regarding the input string, such as its original length. In addition, SHAs are also used to detect the tampering of data by attackers, where if a text file is slightly changed and barely noticeable, the modified file’s hash value will be different than the original file’s hash value, and the tampering will be rather noticeable.



SHA characteristics: Cryptographic hash functions are utilized to keep data secured by providing three fundamental safety characteristics: pre-image resistance, second pre-image resistance, and collision resistance. The cornerstone of cryptographic security lies in the provision of pre-image resistance, which makes it hard and time consuming for an attacker to find an original message, given the respective hash value, This security is provided by the nature of one-way functions, which is a key component of SHA. Preimage resistance is necessary to ward off brute force attacks from powerful machines. The second safety characteristic is called second pre-image resistance, granted by SHA when a message is known, yet it’s hard to find another message, that hashes to the same value. Without this characteristic, two different passwords would yield the same hash value, deeming the original password unnecessary to access secured data.



The last safety characteristic is collision resistance, which is provided by algorithms that make it extremely hard for an attacker to find two completely different messages that hash to the same hash value. In order to provide this characteristic, there must be a similar number of possible inputs to possible outputs, as more inputs than outputs, by the pigeonhole principle, will definitively incur potential collisions. For this reason, collision resistance is necessary, as it implies that finding two inputs that hash to the same hash value is extremely difficult. Without collision resistance, digital signatures can be compromised as finding two messages that produce the same hash value may make users believe two documents were signed by two different people, when one person was able to produce a different document with the same hash value. Recent cryptographic functions have stronger security characteristics to block off recently developed techniques such as length extension attacks, where given a hash value, , and the length of the original message, , an attacker can find a message, , and calculate the hash value of the concatenation of the original message and the new message: . As a general guideline, a hash function should be as seemingly random as possible while still being deterministic and fast to compute.


Conclusion

Conclusion SHA stands for Secure Hash Algorithm. It consists of five hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). Amongst all, SHA1 is most popular one. SHA1 produces a 160-bit message digest for a message having a maximum length of 264. A message digest is a fixed-length output of a message. The message digest is then input to a digital signature algorithm (DSA), which will then generate the signature for the message. Signing the message digest instead of the message offers improved performance because the message digest will be much smaller than the message. The recipient of the message will then use the same hash algorithm to verify the signature. Any change that occurs during transit will result in a different message digest and, thus, the signature will not verify. Once it is verified as true, the recipient is able to unlock the message. This method prevents unauthorized users from viewing messages that are not intended for them. The SHA-1 is implicit easily. It is as secure as anything in opposition to reimaged attacks, although it is effortless to calculate, which means it is uncomplicated to mount a brute force or dictionary attack. It is a well-known cryptographic primitive which ensures the integrity and reliability of original message.


References 1. Techopedia.com. (2018). What is a Secure Hash Algorithm (SHA)? - Definition from Techopedia. [Accessed 23 Apr. 2018]. 2. National Institute of Standards and Technology,” Secure hash standard,” Federal Information Processing Standards Publications FIPS PUB 180-1, 1995. 3. National Institute of Standards and Technology,” Secure hash standard,” Federal Information Processing Standards Publications FIPS PUB 180- 2”, 2001. 4. Harshvardhan Tiwari. A Secure Hash Function MD-192 with Modified Message Expansion” Vol. 7 No. 2 February 2010 International Journal of Computer Science and Information Security. 5. Ricardo Chaves, Georgi Kuzmanov, Leonel Sousa, and Stamatis Vassiliadis “Cost-Efficient SHA Hardware Accelerators” IEEE transactions on very largescale integration (VLSI)Systems, VOL. 16, NO. 8, AUGUST 2008 6. Simmons GJ. Message Authentication with arbitration of transmitter/receiver disputes. Advances in Cryptology- Eurocrypt’87, Lecture Notes in Computer Science, Springer-Verlag, Berlin; 1988; 304: 151-165. 7. Wang X, Feng D, Lai X, Chen H and Yu X. Cryptanalysis of the hash functions MD4 and RIPEMD. In Eurocrypt'05, LNCS Springer-Verlag 2005; 3494:1-18. 8. Klima V. Finding MD5 Collisions on a notebook PC-using multi message modifications. Cryptology ePrint Archive, Report 2005. 9. Wang X, Yu H, Yin Y. L. Efficient Collision Search Attacks on SHA-0. In Crypto 2005; LNCS 3621, 1-16. 10. Wang, Yin YL, Yu H. Finding Collisions in the Full SHA-1. 11. Garbita Gupta and Sanjay Sharma, “Enhanced SHA-192 Algorithm with Larger Bit Difference” IEEE International Conference on Communication Systems and Network Technologies, 2013 12. L.Thulasimani and M.Madheswaran “Security and Robustness Enhancement of Existing Hash Algorithm” IEEE International Conference on Signal Processing Systems 2009. 13. A new Hash Function Based on Combination of Existing Digest Algorithms pub 2007. 14. The Collision Rate Tests of Two Known Message Digest Algorithms 2009.