Cryptography-SHA-1 algorithm

Experiment 7 SHA-1

1. Purpose of the experiment

Familiar with the running process of the SHA-1 algorithm, and be able to use C++ language to write programs to implement the SHA-1 algorithm.

Add understanding of summary functions.

2. Experimental requirements

(1) Understand the definition and working process of SHA-1 round function.

(2) Use VC++ language to implement the SHA-1 algorithm.

(3) Analyze the performance of SHA-1 algorithm operation.

3. Experimental Principle

After SHA-1 preprocesses packets of plaintext of any length, the plaintext length is an integer multiple of 512 bits. It is worth noting that the original message length of SHA-1 cannot exceed 2 to the 64th power, and then SHA-1 generates 160 Bit message digest. The SHA-1 algorithm is simple and compact, and easy to implement on a computer. Figure 6-1 shows the processing of a single 512-bit packet by SHA-1.

1. Experimental environment

Ordinary computer Intel i5 [email protected], 4GB RAM, Windows 7 Professional Edition, VS platform.

2. Algorithm implementation steps

1) Convert message digest into bit string

Because in the SHA-1 algorithm, its input must be bits, it must first be converted into a bit string. Use the “abc” string to illustrate the problem. Because ‘a’=97, ‘b’=98, ‘c’=99, it is converted into a bit string and is 01100001 01100010 01100011

2) Perform bit-filling operation on the converted bit string

The SHA-1 algorithm standard stipulates that the message digest must be padded, that is, the input data is padded so that the data length is 448 after the modulus of 512. The highest bit of the padding bit is padded with a 1, and the remaining bits are padded with 0s. If the modulo remainder of 512 is 448 before the bit is filled, then the bit must be filled, followed by a 1. In short, the filling is to fill in at least one position and at most 512 positions. Still taking “abc” as an example, the filling process is as follows: initial information summary: 01100001 01100010 01100011 first step filling: 01100001 01100010 011000111, last filling: 01100001 01100010 01100011 10…0 (filled later 423 0)

Then convert the information digest after the padding operation to hexadecimal:

61626380 00000000 00000000 00000000 00000000 00000000 00000000

00000000 00000000 00000000 00000000 00000000 00000000 00000000

3) Additional length value

64 bits of information are appended to the end of the information digest to indicate the length of the original information digest. After this step, the information message is a multiple of 512 bits. Generally speaking, a 64-bit data is used to represent the length of the original message. If the message length is not greater than 2, then the first 32 bits are 0. After the appended length value operation is performed, the “abc” data message becomes as follows form:

61 62638000000000 00000000 00000000

00000000 00000000 00000000 00000000

00000000 00000000 00000000 00000000

00000000 00000000 00000000 0000001 8

Because “abc” occupies 3 bytes, that is, 24 bits, it is 0x18 after conversion to hexadecimal.

4)Initialize cache

A 160-bit MD buffer is used to store the results of the intermediate and final hash functions. It can be expressed as 5 32

Bit register (H0, H1, H2, H3, H4). Initialization is as follows:

HO = 0x67452301

H2 = 0x98BADCFE

H3 = 0x10325476

H4 = 0xC3D2E1F0

If you are familiar with MD-5, you will find an important phenomenon. The first four are the same as MD-5.

But the difference is that it is stored as Big-EndienFormat.

Four. Algorithm Implementation

(2) Use VC++ language to implement the SHA-1 algorithm.

#include <iostream>
#include <string>
#include <iomanip>
#include <sstream>
#include <Windows.h>
#include <wincrypt.h>

// function declaration
std::string sha1(const std::string & amp; input);

int main() {
    std::string data = "Hello, SHA-1!";
    std::string hash = sha1(data);

    std::cout << "SHA-1 Hash: " << hash << std::endl;

    return 0;
}

// SHA-1 algorithm implementation
std::string sha1(const std::string & amp; input) {
    HCRYPTPROV hCryptProv;
    HCRYPTHASH hHash;
    BYTE rgbHash[20];
    DWORD cbHash = 20;

    if (!CryptAcquireContext( & amp;hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
        return "";

    if (!CryptCreateHash(hCryptProv, CALG_SHA1, 0, 0, & amp;hHash)) {
        CryptReleaseContext(hCryptProv, 0);
        return "";
    }

    if (!CryptHashData(hHash, (const BYTE*)input.c_str(), input.length(), 0)) {
        CryptReleaseContext(hCryptProv, 0);
        CryptDestroyHash(hHash);
        return "";
    }

    if (!CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, & amp;cbHash, 0)) {
        CryptReleaseContext(hCryptProv, 0);
        CryptDestroyHash(hHash);
        return "";
    }

    std::stringstream ss;
    for (int i = 0; i < cbHash; i + + ) {
        ss << std::hex << std::setw(2) << std::setfill('0') << (int)rgbHash[i];
    }

    CryptDestroyHash(hHash);
    CryptReleaseContext(hCryptProv, 0);

    return ss.str();
}

Run results:

(3) Analyze the performance of SHA-1 algorithm:

SHA-1 is a hashing algorithm commonly used for data integrity verification and digital signatures. However, over time, the performance and security of SHA-1 have been challenged, so it should be used with caution in real-world applications.

Performance analysis includes the following aspects:

a. Calculation speed: The calculation speed of SHA-1 is usually faster and is suitable for quickly generating hash values.

b. Security: SHA-1 is no longer considered a secure hash algorithm because collision attacks have emerged that can generate two different inputs that produce the same SHA-1 hash value. This makes SHA-1 unsuitable for encryption or signing of sensitive data.

c. Application areas: SHA-1 can still be used in some non-security-critical applications, such as when verifying data integrity. But for applications that require high security, you should choose a more secure hash algorithm, such as SHA-256 or SHA-3.

5. Experimental experience

SHA-1 is a hash algorithm based on bit operations and logical operations, which converts input data into a fixed-length (160-bit) hash value. SHA-1 generally performs well in terms of performance, but is no longer considered a secure hash algorithm. Therefore, it is recommended to use more secure hashing algorithms in applications, especially when sensitive data needs to be protected. Algorithms such as SHA-256 and SHA-3 provide greater security and can meet stricter security requirements. When implementing the SHA-1 algorithm, you need to convert the input string into an appropriate format and pad the data to ensure that the data length meets the requirements of the SHA-1 algorithm. Includes bit stuffing and additional data length. Through experiments, I learned about the various steps in the SHA-1 algorithm, including information chunking, message expansion, initialization of hash values, iterative operations, etc. This helps to better understand the inner workings of SHA-1. This experiment enabled me to deepen my understanding of hash algorithms and improve my programming skills.