13 Ağustos 2007 Pazartesi

The SHA Hash Functions


RSA Wikipedia

Electronic Frontier Foundation

The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. Hash algorithms compute a fixed-length digital representation (known as a message digest) of an input data sequence (the message) of any length. They are called “secure” when (in the words of the standard), “it is computationally infeasible to:

   1. find a message that corresponds to a given message digest, or
   2. find two different messages that produce the same message digest.

Any change to a message will, with a very high probability, result in a different message digest.”

The five algorithms are denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512. The latter four variants are sometimes collectively referred to as SHA-2. SHA-1 produces a message digest that is 160 bits long; the number in the other four algorithms' names denote the bit length of the digest they produce.

SHA-1 is employed in several widely used security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec. It was considered to be the successor to MD5, an earlier, widely-used hash function.

The security of SHA-1 has been somewhat compromised by cryptography researchers. Although no attacks have yet been reported on the SHA-2 variants, they are algorithmically similar to SHA-1 and so efforts are underway to develop improved alternative hashing algorithms. "NIST is initiating an effort to develop one or more additional hash algorithms through a public competition, similar to the development process for the Advanced Encryption Standard (AES)." It's tentatively scheduled to proclaim winner and publish final standard in 2012.

Even a small change in the message will, with overwhelming probability, result in a completely different hash due to the avalanche effect.

SHA1("The quick brown fox jumps over the lazy dog")
  = 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12

SHA1("The quick brown fox jumps over the lazy cog")
  = de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3

1 yorum:

machinecity dedi ki...

security matters most lately. Cryptographers are great guys...