Post : SHA-256 (Secure Hash Algorithm): Detailed Study
Title : SHA-256 (Secure Hash Algorithm): Detailed Study
SHA-256 (Secure Hash Algorithm): Detailed Study
Secure Hash Algorithm - 256
You can't decrypt SHA-256 as it is not an encryption algorithm. A lot of people are under the impression that SHA-256 encrypts data. It does no such thing. All it does is compute a hash value for a given set of data.
SHA-256 is a message-digest algorithm. It is used to compute a hash value in cryptography. So what's an hash function then?
Simply put, a hash function takes a block of data and returns a fixed-size bit string (hash value). The data used by hash functions is referred to as a "message" while the computed hash value is referred to as the "message digest".
Secure hash algorithm-256 is used as part of the process of authenticating Debian GNU/Linux software packages and in the DKIM message signing standard; SHA-512 is part of a system to authenticate archival video from the International Criminal Tribunal of the Rwandan genocide. SHA-256 and SHA-512 are proposed for use in DNSSEC. Unix and Linux vendors are moving to using 256- and 512-bit SHA-2 for secure password hashing.
How to use it?
Like other hash functions, It is also used in digital signatures, message authentication codes, to index data in hash tables, for finger-printing, to detect duplicate data, uniquely identify files, and as checksums to detect accidental data corruption.
Also, it is not reversible. Hash functions are used as one-way methods. They take the data (messages) and compute hash values (digests). The inverse can not be done.
How it works?
SHA-256 operates in the manner of MD4, MD5, and SHA-1: The message to be
hashed is rst
(1) padded with its length in such a way that the result is a multiple of 512 bits
long, and then
(2) parsed into 512-bit message blocks M(1);M(2); : : : ; M(N).
The message blocks are processed one at a time: Beginning with a xed initial
hash value H(0), sequentially compute
H(i) = H(i1) + CM(i)(H(i1));
where C is the SHA-256 compression function and + means word-wise mod 232
addition. H(N) is the hash of M.
The SHA-256 compression function operates on a 512-bit message block and a 256-
bit intermediate hash value. It is essentially a 256-bit block cipher algorithm which
encrypts the intermediate hash value using the message block as key. Hence there
are two main components to describe: (1) the SHA-256 compression function, and
(2) the SHA-256 message schedule.
According to Thomas Pornin
SHA-256 uses an internal compression function ff which takes two inputs, of size 512 and 256 bits respectively, and outputs 256 bits. Hashing works like this:
Input message MM is first padded by appending between 129 and 640 bits (inclusive), resulting into a padded message M′M′ whose length (in bits) is a multiple of 512.
M′M′ is split into nn 512-bit blocks M1M1, M2M2,... MnMn (each block has length 64 bytes).
Set X0X0 (a 256-bit value) to a conventional initial value (which is specified in the SHA-256 standard, section 5.3.3).
Process each block in due sequence, by computing Xi=f(Mi,Xi−1)Xi=f(Mi,Xi−1) for all ii from 11 to nn.
The hash value is XnXn.
The XiXi values can be seen as the successive contents of a state variable XX (indeed, when you have computed XiXi, you can discard Xi−1Xi−1 since that value will not be used thereafter).
Your "midstate" is X1X1: that's the contents of the "state" after having processed the first block. Since all your 128-byte messages begin with the exact same 64-byte header, all the hash computations formally begin by processing the same block M1M1, with the same X0X0 (the conventional initial value), resulting in the same X1=f(M1,X0)X1=f(M1,X0). You would like to "restart" each computation from that value X1X1 directly, to avoid recomputing it again and again.
Doing that over an existing library implementing SHA-256 may or may not be easy, depending on what facilities that library offers. For a basic SHA-256 library, there are two possible issues:
The library may refuse to output X1X1, because it would insist on computing hash values over a padded message only; you want to have the output of ff over a given M1M1 block without padding.
The library may refuse to start a new computation starting with the X1X1 you provide instead of the conventional initial value X0X0.
Some libraries offer a bit more. For instance, consider sphlib. With that library, there are two ways to achieve what you seek:
The implementation works over a context structure (of type sph_sha256_context) which represents the current state. You can thus begin a computation by processing the header, and then clone the context to make many hash computations which start from that exact point. It would look like this:
sph_sha256_context sc;
sph_sha256_init(&sc);sphlib offers an sph_sha256_comp() function which implements exactly the compression function ff. You can use it to compute SHA-256 "manually", block by block, starting from any state value XX you wish. You would have to take care of encoding issues (SHA-256 is big-endian throughout, use sph_dec32be() and sph_enc32be() to do that properly and portably) and padding. If all your messages have length exactly 128 bytes, then padding is always a full 64-byte block, consisting in a byte of value 0x80, followed by 61 bytes of value 0x00, and then two bytes of value 0x04 0x00. Expressed in 16 32-bit words, first word has numerical value 0x80000000, followed by 14 words of value zero, then a final word of value 0x00000400.
sph_sha256(&sc, header, 64);
for (/* all 128-byte messages */) {
sph_sha256_context sc2;
unsigned char second_half[64];
unsigned char out[32];
/* set second_half[] to the second half of the 128-byte message */
sc2 = sc;
sph_sha256(&sc2, second_half, 64);
sph_sha256_close(&sc2, out);
/* SHA-256 output is in out[] */
}
For heavy hash crunching (I understand that's the point), your best bet is still probably to extract the inner loop from an opensource implementation, and integrate it directly in your code, so as to avoid any overhead from the library API. You also probably want to avoid heavy encoding/decoding, and work over 32-bit words directly (while SHA-256 takes as input a bit sequence, it soon converts it to a sequence of 32-bit words and works over that). I invite you to do your own SHA-256 implementation, working from the standard: it is not hard, that standard is reasonably clear, and it will grant you enough knowledge on how SHA-256 works to optimize your code (even if you end up reusing parts of some other implementation).
According to Wikipedia,
SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256.
Several cryptocurrencies like Bitcoin use SHA-256 for verifying transactions and calculating proof-of-work or proof-of-stake. The rise of ASIC SHA-2 accelerator chips has led to the use of scrypt-based proof-of-work schemes.
SHA-1 and SHA-2 are the secure hash algorithms required by law for use in certain U.S. Government applications, including use within other cryptographic algorithms and protocols, for the protection of sensitive unclassified information. FIPS PUB 180-1 also encouraged adoption and use of SHA-1 by private and commercial organizations. SHA-1 is being retired for most government uses; the U.S. National Institute of Standards and Technology says, "Federal agencies should stop using SHA-1 for...applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010" (emphasis in original).[20] NIST's directive that U.S. government agencies must stop uses of SHA-1 after 2010 was hoped to accelerate migration away from SHA-1.
Here are few examples for the SHA implementation. The possible MessageDigest algorithm are SHA-1, SHA-256, SHA-384, and SHA-512, you can check the reference for the detail.
1. File checksum with SHA-256
It will use SHA-256 hashing algorithm to generate a checksum for file “c:\\loging.log”.
package com.mkyong.test;Output:
import java.io.FileInputStream;
import java.security.MessageDigest;
public class SHACheckSumExample
{
public static void main(String[] args)throws Exception
{
MessageDigest md = MessageDigest.getInstance("SHA-256");
FileInputStream fis = new FileInputStream("c:\\loging.log");
byte[] dataBytes = new byte[1024];
int nread = 0;
while ((nread = fis.read(dataBytes)) != -1) {
md.update(dataBytes, 0, nread);
};
byte[] mdbytes = md.digest();
//convert the byte to hex format method 1
StringBuffer sb = new StringBuffer();
for (int i = 0; i < mdbytes.length; i++) {
sb.append(Integer.toString((mdbytes[i] & 0xff) + 0x100, 16).substring(1));
}
System.out.println("Hex format : " + sb.toString());
//convert the byte to hex format method 2
StringBuffer hexString = new StringBuffer();
for (int i=0;i<mdbytes.length;i++) {
hexString.append(Integer.toHexString(0xFF & mdbytes[i]));
}
System.out.println("Hex format : " + hexString.toString());
}
}
Hex format : 21a57f2fe765e1ae4a8bf15d73fc1bf2a533f547f2343d12a499d9c0592044d42. Hashing String with SHA-256
Hex format : 21a57f2fe765e1ae4a8bf15d73fc1bf2a533f547f2343d12a499d9c0592044d4
It will use SHA-256 hashing algorithm to generate a hash value for a password "123456".
package com.mkyong.test;Output:
import java.security.MessageDigest;
public class SHAHashingExample
{
public static void main(String[] args)throws Exception
{
String password = "123456";
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(password.getBytes());
byte byteData[] = md.digest();
//convert the byte to hex format method 1
StringBuffer sb = new StringBuffer();
for (int i = 0; i < byteData.length; i++) {
sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
}
System.out.println("Hex format : " + sb.toString());
//convert the byte to hex format method 2
StringBuffer hexString = new StringBuffer();
for (int i=0;i<byteData.length;i++) {
String hex=Integer.toHexString(0xff & byteData[i]);
if(hex.length()==1) hexString.append('0');
hexString.append(hex);
}
System.out.println("Hex format : " + hexString.toString());
}
}
Hex format : 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92Reference for this example,
Hex format : 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92
http://en.wikipedia.org/wiki/SHA_hash_functions
http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA
Online SHA-256 Generator Tool
1. Generate a SHA-256 hash with this free online encryption tool. To create a SHA-256 checksum of your file, use the upload feature.Access this tool here.
2. Free online SHA-256 Generator toolComputes a digest from a string using SHA-256. Click here to access the tool.
Message: I hope that you have enjoyed 'SHA-256 (Secure Hash Algorithm): Detailed Study' article. However, if you want me to deliver more items, then please share my post. You can use Social Sharing Widget provided at the end of every post. After all, Sharing is Caring!
That is the article of SHA-256 (Secure Hash Algorithm): Detailed Study
make a blog website free
Here Come New Ideas for how do you start your own website for free SHA-256 (Secure Hash Algorithm): Detailed Study, I hope my article give you benefit for you. Make a blog website free, how do you start your own website for free.
0 Response to "SHA-256 (Secure Hash Algorithm): Detailed Study"
Post a Comment