Download presentation
Presentation is loading. Please wait.
1
SHA-1 Secure Hash Algorithm 1
2
SHA-1 – Brief Introduction 家族是美國國家安全局 (NSA) 設計,美國國家標 準與技術研究院 (NIST) 發佈的一系列密碼雜湊函 數,發表於 1993 年 從一個最大 2 64 位元的訊息中產生一串 160 位元 的摘要 設計 MD4 及 MD5 訊息摘要演算法的 MIT 教授 Ronald L. Rivest 類似的原理為基礎來加密
3
SHA-1 – Definitions of Bit Strings and Integers Hex Digit 為 16 進位,可用 4-bit 的 string 表現 7 = 0111, A = 1010 一個 word 可表示成 32-bit 的 string ,而每 4-bit 就等同一 個 Hex Digit 1010 0001 0000 0011 1111 1110 0010 0011 = A103FE23. 一個介於 0 到 2 32 -1 的數字也可以轉換成 16 進位,而成 為八位的 Hex Digit 當一整數 2 32 <= Z? Block = 512-bit string. 所以一個 Block 可以代表 16 個 words 所組成的序列.
4
SHA-1 – Operations on Words AND, OR, XOR, NOT The operation X + Y (where 0 <= x < 2 32 and 0 <= y < 2 32.) The circular left shift operation S n(X)
5
SHA-1 – Message Padding 在字串後面增加 “1”. “01010000”, 進行此步驟後會變成 “010100001” “0” 的填置. 01100001 01100010 01100011 01100100 01100101 (1). 61626364 65800000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000. 如果 string 長度小於 2 32 如上例 l = 40 Hex 過後將變成 00000000 00000028. 而完成的 sequence 就被之後當成 M(n) 使用
6
SHA-1 – Functions and Constants Used 在 SHA-1 裡方程式 f (0), f (1)……f (79) 每一個方程式解 as a 32-bit word as output f (t;B,C,D) F (t;B,C,D) = (B AND C) OR ((NOT B) AND D) ( 0 <= t <= 19) F (t;B,C,D) = B XOR C XOR D (20 <= t <= 39) F (t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t <= 59) F (t;B,C,D) = B XOR C XOR D (60 <= t <= 79). A sequence of constant words K(0), K(1),..., K(79) is used in the SHA-1. In hex these are given by K (t) = 5A827999( 0 <= t <= 19) K (t) = 6ED9EBA1(20 <= t <= 39) K (t) = 8F1BBCDC(40 <= t <= 59) K (t) = CA62C1D6(60 <= t <= 79).
7
SHA-1 – Computing the Message Digest Before processing any blocks, the H’s are initialized as follows: in hex, H0 = 67452301 H1 = EFCDAB89 H2 = 98BADCFE H3 = 10325476 H4 = C3D2E1F0.
8
SHA-1 – Computing the Message Digest MASK = 0000000F. Then processing of M(i) is as follows: a. Divide M(i) into 16 words W[0],..., W[15], where W[0] is the left-most word. b. Let A = H0, B = H1, C = H2, D = H3, E = H4.
9
SHA-1 – Computing the Message Digest c. For t = 0 to 79 do s = t AND MASK; if (t >= 16) W [s] = S 1 (W [(s + 13) AND MASK] XOR W [(s + 8) AND MASK] XOR W [(s + 2) AND MASK] XOR W [s]) ; TEMP = S 5 (A) + f (t;B,C,D) + E + W [s] + K (t); E = D; D = C; C = S 30(B) ; B = A; A = TEMP; d. Let H0 = H0 + A, H1 = H1 + B, H2 = H2 + C, H3 = H3 + D, H4 = H4 + E.
10
SHA-1 – graph
11
SHA-1 – code (Initialize variables:) a = h0 = 0x67452301 b = h1 = 0xEFCDAB89 c = h2 = 0x98BADCFE d = h3 = 0x10325476 e = h4 = 0xC3D2E1F0 (Pre-processing:) paddedmessage = (message) append 1 while length(paddedmessage) mod 512 <> 448: paddedmessage = paddedmessage append 0 paddedmessage = paddedmessage append (length(message) in 64-bit format) (Process the message in successive 512-bit chunks:) while 512-bit chunk(s) remain(s): break the current chunk into sixteen 32-bit words w(i), 0 <= i <= 15 (Extend the sixteen 32-bit words into eighty 32-bit words:) for i from 16 to 79: w(i) = (w(i-3) xor w(i-8) xor w(i-14) xor w(i-16)) leftrotate 1 (Main loop:) for i from 0 to 79: temp = (a leftrotate 5) + f(b,c,d) + e + k + w(i) (note: all addition is mod 2^32) where: (0 <= i <= 19): f(b,c,d) = (b and c) or ((not b) and d), k = 0x5A827999 (20 <= i <= 39): f(b,c,d) = (b xor c xor d), k = 0x6ED9EBA1 (40 <= i <= 59): f(b,c,d) = (b and c) or (b and d) or (c and d), k = 0x8F1BBCDC (60 <= i <= 79): f(b,c,d) = (b xor c xor d), k = 0xCA62C1D6 e = d d = c c = b leftrotate 30 b = a a = temp h0 = h0 + a h1 = h1 + b h2 = h2 + c h3 = h3 + d h4 = h4 + e digest = hash = h0 append h1 append h2 append h3 append h4
Similar presentations
