Hash encryption algorithm
MD5 (Message-Digest Algorithm 5) is one of the most widely used hash algorithms in computing. Developed from MD2, MD3 and MD4, it appeared in the early 1990s and is used to ensure the integrity and consistency of transmitted information. Although it has been cracked, it still has good security and can be used for free, so it is still widely used in digital signatures, file integrity verification, password encryption and so on.

Algorithm principle:

The result of a hash algorithm has a limited number of bits. For example, the result of the MD5 algorithm is 128 bits long, which means that as long as we enumerate more than 2^128 inputs, we will definitely get a collision. Let's look at a real collision case. We say that MD5 is out of date because in some situations it fails to show the properties a hash algorithm should have: for example, when a file is modified slightly, the fingerprints produced by the hash algorithm should be significantly different, and the following program shows that MD5 cannot achieve this.

There are many such collision cases, and the above is just an example with a relatively small original document. In fact, an MD5 collision can now be found in a few seconds on a smartphone. So, a few years ago, MD5 stopped being recommended as a hash algorithm for applications, and it was replaced by the SHA family, namely the Secure Hash Algorithm (SHA).
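The pigeonhole argument above can be tried on MD5 truncated to a few bits. This is an added example, not a program from the original page; the `msg-N` inputs are constructed, and the search is a generic one that works against any hash, not the cryptanalytic attack that yields full 128-bit MD5 collisions.

```python
import hashlib

def truncated_md5(data, bits):
    """Return the first `bits` bits of the MD5 digest as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)

def find_collision(bits):
    """Hash distinct inputs until two share the same truncated digest.

    With only 2**bits possible outputs, a repeat is guaranteed within
    2**bits + 1 inputs (pigeonhole); the birthday effect makes it show
    up after roughly 2**(bits / 2) inputs.
    Returns (first_message, second_message, inputs_tried).
    """
    seen = {}
    counter = 0
    while True:
        msg = b"msg-%d" % counter        # constructed sample input
        tag = truncated_md5(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter + 1
        seen[tag] = msg
        counter += 1

if __name__ == "__main__":
    for bits in (8, 16, 24):
        m1, m2, tries = find_collision(bits)
        print(bits, "bits:", m1, m2, "after", tries, "inputs")
```

Each extra output bit doubles the pigeonhole bound, which is why the digest length matters as much as the internal design.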

SHA actually comprises a series of algorithms, namely SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. The SHA2 we are talking about is a general term for the latter four. The following table compares the parameters of the various SHA algorithms; the unit of length is bits:

MD5 and SHA-1 both have four logical functions, while the SHA2 series of algorithms uses six logical functions.

Taking SHA-1 as an example, the algorithm includes the following processing steps:

Input is handled in the same way as MD5.

After padding, the length of the plaintext is exactly an integer multiple of 512 bits, so it can be split into a number of plaintext groups of 512 bits each. We use Y0, Y1, ..., YN-1 to denote these plaintext groups. Each plaintext group is processed in turn by the same repeated procedure, as in MD5.

SHA-1 divides each 512-bit plaintext group into 16 smaller groups, called sub-plaintext groups. Each sub-plaintext group is 32 bits, and we denote them M[t] (t = 0, 1, ..., 15). The 16 sub-plaintext groups are then expanded to 80, which we call W[t] (t = 0, 1, ..., 79). The expansion method is: when 0 ≤ t ≤ 15, W[t] = M[t]; when 16 ≤ t ≤ 79, W[t] = (W[t-3] ⊕ W[t-8] ⊕ W[t-14] ⊕ W[t-16]).

Initializing the buffer means assigning initial values to the chaining variables. When we implemented the MD5 algorithm, we said that because the digest is 128 bits and the unit of calculation is 32 bits, four chaining variables are needed. Similarly, SHA-1 produces a 160-bit message digest, also works on 32-bit units, and therefore needs 5 chaining variables. Let's call them A, B, C, D and E; their initial values are: A = 0x67452301, B = 0xEFCDAB89, C = 0x98BADCFE, D = 0x10325476, E = 0xC3D2E1F0.

If we compare this with the MD5 algorithm mentioned above, we find that the initial values of the first four chaining variables are the same, because the two algorithms share a common origin.

After the preliminary preparation, the next step is to calculate the message digest. SHA-1 has four rounds of operation, each round has 20 steps, and there are 80 steps in total. Finally, a 160-bit message digest is generated and stored in the five 32-bit chaining variables.

In the four rounds of SHA-1, the specific functions differ but the logical process is the same. First, five variables are defined, say H0, H1, H2, H3 and H4, and the following operations are performed on them:

(a) Shift A left by 5 bits, add the result of the round function, and assign the sum, together with the corresponding sub-plaintext group, E and the round constant, to H0.

(b) Assign the value of A to H1.

(c) Shift B left by 30 bits and assign the result to H2.

(d) Assign the value of C to H3.

(e) Assign the value of D to H4.

(f) Finally, assign the values of H0, H1, H2, H3 and H4 to A, B, C, D and E respectively.

The process is represented as follows:

The following table shows the functions and fixed constants used in the 4-round and 80-step calculations:

After the four rounds of 80 steps, the result is added to the initial value of each chaining variable to give the final message digest. When there are multiple plaintext groups, the result for the previous group is used as the initial value for the next group, and the final result is obtained once all plaintext groups have been processed.