MD5 In MD5, St shift constants are defined as:

Slides:

Advertisements

Similar presentations

Combining Like Terms.

Advertisements

Table 7.1 Verilog Operators.

T h e K i n e t i c T h e o r y. E x p l a i n s t h e e f f e c t s o f t e m p e r a t u r e a n d p r e s s u r e o n m a t t e r.

MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

PIITMadhumita Chatterjee Security 1 Hashes and Message Digests.

By: Matthew Ng. SHA stands for Secure Hash Algorithm It is based off the Merkle-Dangard hash function There are 3 versions of it with one coming in 2012.

Ch 5.1: Review of Power Series

SHA (secure hash algorithm) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Ch 5.1: Review of Power Series Finding the general solution of a linear differential equation depends on determining a fundamental set of solutions of.

1 Internal Table / DB Alternatives Analysis of Various Table Lookup Approaches.

Lecture 13 Message Signing

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

HASH Functions.

Chapter 20 Symmetric Encryption and Message Confidentiality.

Ch Relations and Functions Objective: To be able to determine whether a given relation is a function.

Boyce/DiPrima 9 th ed, Ch 5.1: Review of Power Series Elementary Differential Equations and Boundary Value Problems, 9 th edition, by William E. Boyce.

Hash and MAC Functions CS427 – Computer Security

Improving Encryption Algorithms Betty Huang Computer Systems Lab

Hash and Mac Algorithms. Contents Hash Functions Secure Hash Algorithm HMAC.

AES Advanced Encryption Standard. Requirements for AES AES had to be a private key algorithm. It had to use a shared secret key. It had to support the.

Chapter 18: One-Way Hash Functions Based on Schneier.

SUNY Oneonta Data Structures and Algorithms Visualization Group MD5 Generation Auto-Generated Slides To Visualize MD5 Hash Generation by Chris Fremgen.

$100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300 $400 $500 $100 $200 $300.

1 Chapter 12: Hash and MAC Algorithms Fourth Edition by William Stallings Lecture slides by Lawrie Brown (modified by Prof. M. Singhal, U of Kentucky)

1.graph inequalities on a number line. 2.solve inequalities using addition and subtraction. Objective The student will be able to:

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Lecture 9 Design of the Computer Instruction Set and the CPU Presented By Dr. Shazzad Hosain Asst. Prof. EECS, NSU.

EC010504(EE) Electric Drives & Control

Year 12 physics summary Use this as a reminder of content and a way of identifying weakness, NOT as a replacement for revision.

Post-Fisherian Experimentation: from Physical to Virtual

Temperature Programmed Desorption

Performance – meaning and metrics

Bioinformatics of structured RNAs beyond energy minimization

Community Ecology, Population Ecology, and the Human Population

Prof. Onur Mutlu Carnegie Mellon University Spring 2012, 2/8/2012

Redistributive land taxation

Pressure injury.

BSBMGT516 Facilitate continuous improvement

Special Jurisdiction in eu pil

SI leader: Rosalie Dubberke

Syntax Analysis CSE 340 – Principles of Programming Languages

Haim Kaplan and Uri Zwick

Chapter 12 – Hash Algorithms

Secure Hash Algorithm A SEARIES OF SHA….

If the hash algorithm is properly designed and distributes the hashes uniformly over the output space, "finding a hash collision" by random guessing is.

If the hash algorithm is properly designed and distributes the hashes uniformly over the output space, "finding a hash collision" by random guessing is.

“The quick brown fox jumps over the lazy dog”

MD5 A Hash Algorithm….

School of Computer Science and Engineering Pusan National University

These 19 words are given and fixed

Example Best and Median Results

Chapter 14 Bitwise Operators Objectives

Each SHA256 Round There is really only one set of {A, B, C, D, E, F, G, H} registers. S0 = (A rightrotate 2) xor (A rightrotate 13) xor (A rightrotate.

Resolution Proofs for Combinational Equivalence

Solving Systems of Equation by Substitution

Ch Minute Check 1.

Drawing Trigonometric Graphs.

ECE 352 Digital System Fundamentals

Bitwise Operators.

Lecture 4: Continuation of SystemVerilog

Previously, we discussed about “prototyping” code for SHA1 and SHA256

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Lecture 13: Cache Basics Topics: terminology, cache organization (Sections )

Information and Computer Security CPIS 312 Lab 4 & 5

The Secure Hash Function (SHA)

Presentation transcript:

MD5 In MD5, St shift constants are defined as: parameter byte S[0:63] = '{ 8'd7, 8'd12, 8'd17, 8'd22, 8'd7, 8'd12, 8'd17, 8'd22, 8'd7, 8'd12, 8'd17, 8'd22, 8'd7, 8'd12, 8'd17, 8'd22, 8'd5, 8'd9, 8'd14, 8'd20, 8'd5, 8'd9, 8'd14, 8'd20, 8'd5, 8'd9, 8'd14, 8'd20, 8'd5, 8'd9, 8'd14, 8'd20, 8'd4, 8'd11, 8'd16, 8'd23, 8'd4, 8'd11, 8'd16, 8'd23, 8'd4, 8'd11, 8'd16, 8'd23, 8'd4, 8'd11, 8'd16, 8'd23, 8'd6, 8'd10, 8'd15, 8'd21, 8'd6, 8'd10, 8'd15, 8'd21, 8'd6, 8'd10, 8'd15, 8'd21, 8'd6, 8'd10, 8'd15, 8'd21 }; However, only 16 values are unique, which are repeated. Can alternatively use: parameter byte S[0:15] = '{ 8'd7, 8'd12, 8'd17, 8'd22, 8'd5, 8'd9, 8'd14, 8'd20, 8'd4, 8'd11, 8'd16, 8'd23, 8'd6, 8'd10, 8'd15, 8'd21 }; Then access the S constant array like this: function logic [31:0] get_S(input logic [5:0] t); logic [3:0] i; i = {t[5:4], t[1:0]}; get_S = S[i]; endfunction

MD5 Going further … parameter byte S[0:15] = '{ 8'd7, 8'd12, 8'd17, 8'd22, 8'd5, 8'd9, 8'd14, 8'd20, 8'd4, 8'd11, 8'd16, 8'd23, 8'd6, 8'd10, 8'd15, 8'd21 }; function logic [31:0] get_S(input logic [5:0] t); logic [3:0] i; i = {t[5:4], t[1:0]}; get_S = S[i]; endfunction function logic [31:0] md5_op(input logic[31:0] a, b, c, d, w, input logic[5:0] t); logic [31:0] t1, t2; t1 = a + md5_f(t) + md5_k(t) + w; t2 = b + ((t1 << get_S(t))|(t1 >> (32-get_S(t)))); md5_op = {d, t2, b, c); endfunction

MD5 Alternatively … function logic [31:0] rotate_S(input logic [31:0] x, input logic [5:0] t); logic [3:0] i; i = {t[5:4], t[1:0]}; case (i) 0: rotate_S = {x[24:0], x[31:25]}; // leftrotate S[t] = 7 1: rotate_S = {x[19:0], x[31:20]}; // leftrotate S[t] = 12 ... default: rotate_S = {x[10:0], x[31:11]}; // leftrotate S[t] = 21 endcase endfunction function logic [31:0] md5_op(input logic[31:0] a, b, c, d, w, input logic[5:0] t); logic [31:0] t1, t2; t1 = a + md5_f(t) + md5_k(t) + w; t2 = b + rotate_S(t1, t); md5_op = {d, t2, b, c); endfunction

SHA-256 In each hash round, “maj” and “ch” are defined as follows: maj = (A and B) xor (A and C) xor (B and C) ch = (E and F) xor ((not E) and G) The xor can be replaced by or to simplify: maj = (A and B) or (A and C) or (B and C) ch = (E and F) or ((not E) and G) May not make a difference since logic synthesis should be able to simplify anyway.

Hints for Pipelining SHA-256 Each SHA-256 round, compute: S0 = (A rightrotate 2) xor (A rightrotate 13) xor (A rightrotate 22) maj = (A and B) xor (A and C) xor (B and C) t2 = S0 + maj S1 = (E rightrotate 6) xor (E rightrotate 11) xor (E rightrotate 25) ch = (E and F) xor ((not E) and G) t1 = H + S1 + ch + Kt + Wt (A, B, C, D, E, F, G, H) = (t1 + t2, A, B, C, D + t1, E, F, G)

Hints for Pipelining SHA-256 This means: A[2] = t1[1] + t2[1] = (H[1] + S1(E[1]) + ch(E[1], F[1], G[1]) + K[1] + W[1]) + (S0(A[1]) + maj(A[1], B[1], C[1]) B[2] = A[1] C[2] = B[1] D[2] = C[1] E[2] = D[1] + t1[1] = D[1] + (H[1] + S1(E[1]) + ch(E[1], F[1], G[1]) + K[1] + W[1]) F[2] = E[1] G[2] = F[1] H[2] = G[1]

Hints for Pipelining SHA-256 Can rewrite as follows B[2] = A[1] = t1[0] + t2[0] = (H[0] + S1(E[0]) + ch(E[0], F[0], G[0]) + K[0] + W[0]) + (S0(A[0]) + maj(A[0], B[0], C[0]) … F[2] = E[1] = D[0] + t1[0] = D[0] + (H[0] + S1(E[0]) + ch(E[0], F[0], G[0]) + K[0] + W[0]) Can pre-compute portion of these equations the cycle before.