e for the message. Signing the message digest rather than the message often improves the efficiency of the process, because the message digest is usually much smaller than the message. The same message digest should be obtained by the verifier of the signature when the received version of the message is used as input to SHA. The SHA is called secure because it is designed to be computationally infeasible to recover a message corresponding to a given message digest, or to find two different messages which produce the same message digest. Any change to a message in transit will, with a very high probability, result in a different message digest, and the signature will fail to verify. The SHA is based on principles similar to those used by Professor Ronald L. Rivest of MIT when designing the MD4 message digest algorithm [1319], and is closely modelled after that algorithm. SHA produces a 160-bit hash, longer than MD5.

Description of SHA
First, the message is padded to make it a multiple of 512 bits long. Padding is exactly the same as in MD5: First append a one, then as many zeros as necessary to make it 64 bits short of a multiple of 512, and finally a 64-bit representation of the length of the message before padding.

Five 32-bit variables (MD5 has four variables, but this algorithm needs to produce a 160-bit hash) are initialized as follows:

A = 0x67452301
B = 0xefcdab89
C = 0x98badcfe
D = 0x10325476
E = 0xc3d2e1f0

The main loop of the algorithm then begins. It processes the message 512 bits at a time and continues for as many 512-bit blocks as are in the message. First the five variables are copied into different variables: a gets A, b gets B, c gets C, d gets D, and e gets E.

The main loop has four rounds of 20 operations each (MD5 has four rounds of 16 operations each). Each operation performs a nonlinear function on three of a, b, c, d, and e, and then does shifting and adding similar to MD5. SHA's set of nonlinear functions is:

$f_t(X,Y,Z) = (X \wedge Y) \vee ((\neg X) \wedge Z)$, for $t = 0$ to $19$.
$f_t(X,Y,Z) = X \oplus Y \oplus Z$, for $t = 20$ to $39$.
$f_t(X,Y,Z) = (X \wedge Y) \vee (X \wedge Z) \vee (Y \wedge Z)$, for $t = 40$ to $59$....
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.