| Author |
Topic: Secure Hash Algorithm: SHA-0, SHA-1, SHA-2, SHA-3 |
|
X509
member
offline  |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
 |
|
|
| Secure Hash Algorithm: SHA-0, SHA-1, SHA-2, SHA-3 |
SHA stands for Secure Hash Algorithm.
SHA-0, SHA-1, and SHA-2 are currently used and well known cryptographic hash functions which are designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard (FIPS).
SHA-3 will become a FIPS standard around 2012 according to NIST.gov
|
|
|
|
|
|
|
X509
member
offline  |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| SHA-0 and SHA-1 should be retired |
SHA-1 is very similar to SHA-0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA-0 algorithm was not adopted by many applications.
A successful attack on SHA-1 was reported in 2005 and for this reason SHA-1 should be kicked out of govenment use. "Federal agencies should stop using SHA-1 for...applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010" -- NIST.gov
|
|
|
|
|
|
|
X509
member
offline |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| Comparison od SHA fucntions |
Algorithm + Output size + Internal state size + Block size + Max message size + Word size
(bits) (bits) (bits) (bits) (bits)
SHA-0 160 160 512 2^64 − 1 32
SHA-1 160 160 512 2^64 − 1 32
SHA-2:
SHA-224 224 256 512 2^64 − 1 32
SHA-256 256 256 512 2^64 − 1 32
SHA-384 384 512 1024 2^128 − 1 64
SHA-512 512 512 1024 2^128 − 1 64
|
|
|
|
|
|
|
X509
member
offline |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| Examples |
160 bits output of SHA-1 of message:
SHA1("The quick brown fox jumps over the lazy dog")
= 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12
A small change in the message leading to a completely different hash:
SHA1("The quick brown fox jumps over the lazy cog")
= de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3
|
|
|
|
|
|
|
X509
member
offline |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| More Examples |
MD5 --> (128bits/16bytes)
MD5("The quick brown fox jumps over the lazy dog")
= 9e107d9d 372bb682 6bd81d35 42a419d6
SHA-1 --> (160bits/20bytes)
SHA-1("The quick brown fox jumps over the lazy dog")
= 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12
SHA-256 --> (256bits/32bytes)
SHA-256("The quick brown fox jumps over the lazy dog")
= d7a8fbb3 07d78094 69ca9abc b0082e4f 8d5651e4
6d3cdb76 2d02d0bf 37c9e592
SHA-384--> (384bits/48bytes)
SHA-384("The quick brown fox jumps over the lazy dog")
= ca737f10 14a48f4c 0b6dd43c b177b0af d9e51693
67544c49 4011e331 7dbf9a50 9cb1e5dc 1e85a941
bbee3d7f 2afbc9b1
SHA-512--> (512bits/64bytes)
SHA-512("The quick brown fox jumps over the lazy dog")
= 07e547d9 586f6a73 f73fbac0 435ed769 51218fb7
d0c8d788 a309d785 436bbb64 2e93a252 a954f239
12547d1e 8a3b5ed6 e1bfd709 7821233f a0538f3d
b854fee6
|
|
|
|
|
|
|
X509
member
offline |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| Secret code on USCYBERCOM's emblem |
The inner golden ring of the U.S. Cyber Command emblem includes some kind of secret code which has drawn a huge public attention. It reads 9ec4c12949a4f31474f299058ce2b22a. What the heck is it?
It is simply an MD5 hash of the U.S. military’s new Cyber Command mission statement which is:
USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.
MD5 --> (128bits/16bytes)
MD5("USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense
of specified Department of Defense information networks and;
prepare to, and when directed, conduct full spectrum military
cyberspace operations in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny
the same to our adversaries.")
= 9ec4c12949a4f31474f299058ce2b22a
|
|
|
|
|
|
|
X509
member
offline |
| |
| posts: |
33 |
| joined: |
05/01/2007 |
| from: |
MS |
|
|
|
|
|
| It's a shame for USCYBERCOM to put a weak hash 9ec4c12949a4f31474f299058ce2b22a on its emblem |
SHA-1 --> (160bits/20bytes)
SHA-1("USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense
of specified Department of Defense information networks and;
prepare to, and when directed, conduct full spectrum military
cyberspace operations in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny
the same to our adversaries.")
= ded78b51e66596ba095d39b138b2aa22bc9185e2
As discussed above, like SHA-1, MD5 has been compromised. NIST.gov and even the US Department of Homeland security itself have stated that it is weak and the US government will be moving away from using it after 2010. So why did the USCYBERCOM choose the weaker form and proudly imprint it on its face? It's simply a shame. Instead, one of the stronger hash should be picked just for fun.
SHA-256 --> (256bits/32bytes)
[code]
SHA-256("USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense
of specified Department of Defense information networks and;
prepare to, and when directed, conduct full spectrum military
cyberspace operations in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny
the same to our adversaries.")
= 7521ea74913335fc0fb3a47dfa0ca32636ff59bceabadee0dcfbf25ad85a03eb
SHA-384--> (384bits/48bytes)
[code]
SHA-384("USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense
of specified Department of Defense information networks and;
prepare to, and when directed, conduct full spectrum military
cyberspace operations in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny
the same to our adversaries.")
= 1cdb694138c5548c2e967fadeae96acb5343fbc7963318be7
c14045c828b2ee7602d4599dce0ebe77beee0e7de1f0e91
SHA-512--> (512bits/64bytes)
[code]
SHA-512("USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense
of specified Department of Defense information networks and;
prepare to, and when directed, conduct full spectrum military
cyberspace operations in order to enable actions in all domains,
ensure US/Allied freedom of action in cyberspace and deny
the same to our adversaries.")
= e038a25f13427fce20e6ac5b0a24c84db01d105f589bef0013
6b8581bf021ea8826f98b8f8d8db63551c2837edab2b491fb4
1f71d844042636e84252476fc8a9
|
|
|
|
|
|
|
|
Email To Friend | 
Set Alert To This Topic
New Topic | 
Post Reply 
posted on: 07/07/2010 02:26:41 PM
Edit
Quote
Report
Profile
Reply