SHA series algorithm

1. Simple summary of SHA algorithm

SHA (Secure Hash Algorithm) is a standard hash algorithm designed by NIST and NSA in the United States. SHA is used in DSS, the standard for digital signatures, and is also a highly secure hash algorithm.


2. Introduction to SHA series algorithms

1) SHA-1
The input message of the SHA-1 algorithm must be shorter than 2^64 bits, and the final output value is 160 bits. Compared with MD4, SHA-1 mainly adds an expansion transformation, and the output of the previous round is also fed into the next round. This increases the avalanche effect, and the 160-bit output makes it more resistant to exhaustive search.
Rough implementation process: convert the message into a bit string, pad the bit string, append the length value, initialize the cache, and then calculate the message digest.

2) SHA-256 algorithm
The maximum length of the input message of the SHA-256 algorithm does not exceed 2^64 bits. The input is processed in 512-bit blocks, and the output is a 256-bit message digest.

Algorithm processing steps:

1. Add padding bits
Pad the message so that its length is congruent to 448 mod 512 (length ≡ 448 mod 512). The number of padding bits ranges from 1 to 512; the highest bit of the padding bit string is 1, and the remaining bits are 0. That is, append a 1 to the end of the message and then append 0s until the length mod 512 equals 448. Why 448? Because 448 + 64 = 512: the second step appends 64 bits of length information about the original message.

2. Append the length value
The bit length of the initial message (before padding), represented in 64 bits, is appended to the result of step 1 (low byte first).

3. Initialize the cache
A 256-bit cache stores the intermediate and final results of the hash function. It can be expressed as eight 32-bit registers (A, B, C, D, E, F, G, H).

4. Process the sequence of 512-bit blocks
The algorithm uses six basic logic functions and processes each block in 64 iterative steps. Each step takes the 256-bit cache value ABCDEFGH as input and then updates the cache content. Each step uses a 32-bit constant value Kt and a 32-bit word Wt.

5. Output the result
After all 512-bit blocks have been processed, the output generated for the last block is the 256-bit message digest of the SHA-256 algorithm.
Supplement: the specific implementation design involves some mathematics, and the details are not discussed here. Students only need to understand the general process.

3) Other algorithms derived from SHA-2
SHA-2 includes SHA-224, SHA-256, SHA-384, and SHA-512. These versions together form the SHA family.
SHA-224: a truncated version of SHA-256 that generates a 224-bit message digest.
SHA-512: generates a 512-bit message digest.
SHA-384: a truncated version of SHA-512 that generates a 384-bit message digest.
SHA-3, the newest member of the SHA family, came out in 2015. For the details of SHA-3, interested readers can consult other material for further study.

3. Analyze the SHA code in Eclipse and demonstrate the effect

1) The main class MainActivity
MainActivity passes in the data to be hashed by calling the custom SHA algorithm, and then uses the custom byteArr2HexStr method to traverse the result and splice it together;


2) The SHA class
The SHA class uses the getInstance method to obtain the different algorithms. The implementation of each algorithm is approximately the same; the only difference is the algorithm that getInstance returns;


The code is the same; the only difference is the algorithm obtained with getInstance.

Summary:

1. Introduce the algorithms and implementation principles related to the SHA series.
2. Analyze the SHA algorithm code and demonstrate the running effect.


Origin blog.51cto.com/15002917/2552358