SHA-2

SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression function itself built using the Davies–Meyer structure from a specialized block cipher.

SHA-2
General
Designers: National Security Agency
First published: 2001
Series: (SHA-0), SHA-1, SHA-2, SHA-3
Certification: FIPS PUB 180-4, CRYPTREC, NESSIE
Detail
Digest sizes: 224, 256, 384, or 512 bits
Structure: Merkle–Damgård construction with Davies–Meyer compression function
Rounds: 64 or 80
Best public cryptanalysis
A 2011 attack breaks preimage resistance for 57 out of 80 rounds of SHA-512, and 52 out of 64 rounds for SHA-256.

Pseudo-collision attack against up to 46 rounds of SHA-256.

SHA-256 and SHA-512 are prone to length extension attacks. By guessing the hidden part of the state, length extension attacks on SHA-224 and SHA-384 succeed with probability $2^{-(256-224)} = 2^{-32} > 2^{-224}$ and $2^{-(512-384)} = 2^{-128} > 2^{-384}$ respectively.

SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256. SHA-256 and SHA-512 are novel hash functions computed with eight 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are truncated versions of SHA-256 and SHA-512 respectively, computed with different initial values. SHA-512/224 and SHA-512/256 are also truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.

SHA-2 was first published by the National Institute of Standards and Technology (NIST) as a U.S. federal standard. The SHA-2 family of algorithms is patented in the U.S. The United States has released the patent under a royalty-free license.

As of 2011, the best public attacks break preimage resistance for 52 out of 64 rounds of SHA-256 or 57 out of 80 rounds of SHA-512, and collision resistance for 46 out of 64 rounds of SHA-256.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.