2. History of SHA -512
• The original specification of the algorithm was
published in 1993 under the title Secure Hash Standard
(SHA-0), by U.S government standards agency NIST.
• It was withdrawn by the NSA shortly after publication
and was superseded by the revised version, published in
and commonly designated SHA-1.
• SHA-1 is a cryptography hash function which takes an
input and produces a 160-bit hash value known as a
message digest – typically rendered as a hexadecimal
number, 40 digits long.
3. • Since 2005, SHA-1 has not been considered secure against well-
funded opponents.
• As of 2010 many organizations have recommended its
replacement.
• NIST formally deprecated use of SHA-1 in 2021 and disallowed its
use for digital signature in 2013.
• The predecessor is SHA-2. SHA-2 includes significant changes
from its predecessor, SHA-1.
• The SHA-2 family consists of six hash function with digests (hash
values) that are 224, 256, 384, or 512 bits: SHA-224, SHA-256, SHA-
384, SHA- 512, SHA- 512/224, SHA- 512/256. SHA- 256 and SHA-
512 are novel hash functions computed with 32-bit and b4-bit
words, respectively.
4. Overview of SHA - 512
• SHA-512 create a digest of 512 bits
from multiple block message.
• Each block is 1024 bits in length.
5. SHA -512 (Secure Hash Algorithm)
SHA – 512 does it work in a few stages.
1. Append padding bits
2. Append length
3. Initialize hash buffer
4. Process Message
5. Output
Characteristics of SHA
6. Step 1: Message Preparation
• SHA-512 insists that the length of the original message be less than 2128
bits.
• If the length of a message >= 2128
, it will not be processed.
• Padding and length field:
• we need to pad the original message to make the length a multiple of
1024.
• The length of the padding field can be calculated as follows:
(|M| + |P| + 128) = 0 mod 1024
|P| = (-|M| - 128) mod 1024
where |P| - length of padding bits.
|M| - length of original message.
• After padding, add the length of original message as 128 bits at the end
7. Example:
What is the number of padding bits if the original message length is 2348?
Given; M = 2348
|P| = (-|M| - 128) mod 1024
= (-2348 - 128) mod 1024
= - 2476 mod 1024 = 1024 – (2476 mod 1024) = 586
Therefore, |P| = 586
Then after padding we add 128 bits at the end to represent the length
2348.
So, total bits will be 2348 + 586 + 128 = 3072 bits
Number of 1024 blocks = 3072/1024 = 3
8. Example
ASCII characters: “ABC,” which is equivalent to the following 24-bit binary string: 0110 0001
0110 0010 0110 0011
NOTE: ASCII values of A,B,C are 65,66,67 respectively.
Padding consists of (-24 -128) mod 1024 = 872bits, consisting of a “1” bit followed by 871
“0” bits.
6162638000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 0000000000000000
• Then a 128-bit length value is appended to the message, which contains the length of the
original message (before the padding).
• The original length is 24 bits, or a hexadecimal value of 18. Putting this all together, the
1024-bit message block, in hexadecimal,
10. Step 2: Words Expansion
• Words:
• SHA-512 operates on words of 64 bits.
• This means that after the padding and the length field are
added to the message, each block of the message consists of
sixteen 64-bits words.
• The message digest also made of 64-bit words, but it is only
eight words that named as A, B, C, D, E, F, G, and H.
11. Words Expansion
• Before processing, each message block must be expanded to
1024 bits, or sixteen 64-bit words.
• The 16-word blocks needs to be expanded to 80 words, from
W0 to W79.
• The 1024-bit block become the first 16 words; the rest of the
words come from already-made words according to the
operation.
13. Example
Show how W60 is made.
Each word in the range W16 to W79 is made from four previously-
made words.
As we know,
Wi = Wi-16 RotShift1-8-7 (Wi-15) Wi-17 RotShift19-61-6 (Wi-2)
W60 is made as
W60 = W44 RotShift1-8-7 (W45) W53 RotShift19-61-6 (W58)
14. Step 3: Message Digest Initialization
• The algorithm uses eight constant for message digest
initialization.
• We call these constants A0 to H0 to match the word naming
used for the digest.
15. Step 4: Compression Function (F)
• SHA-512 creates a 512-bit (eight 64-bit words)
message digest from a multiple-block message where
each block is 1024 bits.
• The processing of each block of data in SHA-512
involves 80 rounds.
19. Example
• We apply the Majority function on buffers A, B, and C. If the leftmost
hexadecimal digits of these buffers are 0x7, 0xA, and 0xE, respectively, what
is the leftmost digit of the result?
Solution:
The digits in binary are 0111, 1010, and 1110.
i. The first bits are 0, 1, and 1. The majority is 1.
ii. The second bits are 1, 0, and 1. The majority is 1.
iii. The third bits are 1, 1, and 1. The majority is 1.
iv. The fourth bits are 1, 0, and 0. The majority is 0.
The result is 1110, or 0xE in hexadecimal.
20. Example
• We apply the Conditional function on E, F, and G buffers. If the leftmost
hexadecimal digits of these buffers are 0x9, 0xA, and 0xF respectively, what
is the leftmost digit of the result?
Solution:
The digits in binary are 1001, 1010, and 1111.
a. The first bits are 1, 1, and 1. The result is F1, which is 1.
b. The second bits are 0, 0, and 1. The result is G2, which is 1.
c. The third bits are 0, 1, and 1. The result is G3, which is 1.
d. The fourth bits are 1, 0, and 1. The result is F4, which is 0.
The result is 1110, or 0xE in hexadecimal.
21. Round Constants (K0 to K79 )
• There are 80 constants, K0 to K79 , each of 64 bits.
• Similar to the initial values for the eight digest buffer, these values are
calculated from the first 80 prime numbers (2, 3, …, 409).
• NOTE: Cubic root of prime number, convert to hexa-deci, then consider
the fraction part.
• For example: The 80th prime is 409, with the cubic root
(409)1/3
= 7.42291412044.
• Converting this number to binary with only 64 bits in the fraction part, we
get:
