
SHA-224/256 Based Digital Signature Using FPGA: Lalitha Sowmya M & Prof.P.Ravikanth

The document describes the SHA-224/256 digital signature algorithm. It provides background on SHA algorithms and their use in digital signatures. The SHA-224/256 digital signature is designed using an FPGA. It works by applying the SHA-224 or SHA-256 algorithm to a message to generate a message digest, which is then signed to create the digital signature.


International Journal of Advances in Science and Technology, Vol. 3, No. 3, 2011

SHA-224/256 Based Digital Signature Using FPGA


Lalitha Sowmya M¹ & Prof. P. Ravikanth²

¹ M.Tech student, ECE Dept, Sri Devi Women's Engineering College, Hyderabad, India [email protected]
² Professor, Dept of ECE, Sri Devi Women's Engineering College, Hyderabad, India [email protected]

Abstract
The SHA standard specifies a secure hash algorithm. The SHA algorithm is an iterative, one-way hash function that can process a message to produce a condensed representation called a message digest. This algorithm enables the determination of message integrity: any change to the message will, with very high probability, result in a different message digest. This paper designs the SHA-224/256 oriented digital signature.

Keywords: SHA algorithm, Digital Signature, FPGA


Introduction
This property is useful in the generation and verification of digital signatures and message authentication codes, and in the generation of random numbers (bits). The SHA algorithm can be described in two stages: 1) preprocessing and 2) hash computation.

1) Preprocessing involves padding a message, parsing the padded message into m-bit blocks, and setting initialization values to be used in the hash computation.

2) The hash computation generates a message schedule from the padded message and uses that schedule, along with functions, constants, and word operations, to iteratively generate a series of hash values. The final hash value generated by the hash computation is used to determine the message digest.

The four algorithms differ most significantly in the number of bits of security that are provided for the data being hashed; this is directly related to the message digest length. When a secure hash algorithm is used in conjunction with another algorithm, there may be requirements specified elsewhere that require the use of a secure hash algorithm with a certain number of bits of security. For example, if a message is being signed with a digital signature algorithm that provides 128 bits of security, then that signature algorithm may require the use of a secure hash algorithm that also provides 128 bits of security (e.g., SHA-256). Additionally, the four algorithms differ in terms of the size of the blocks and words of data that are used during hashing.

Special Issue I

Page 25 of 65

ISSN 2229 5216


| Algorithm and variant | Output size (bits) | Internal state size (bits) | Block size (bits) | Max message size (bits) | Word size (bits) | Rounds | Operations | Collisions found |
|---|---|---|---|---|---|---|---|---|
| SHA-0 | 160 | 160 | 512 | 2^64 - 1 | 32 | 80 | +,and,or,xor,rot | Yes |
| SHA-1 | 160 | 160 | 512 | 2^64 - 1 | 32 | 80 | +,and,or,xor,rot | None (2^52 attack) |
| SHA-2: SHA-256/224 | 256/224 | 256 | 512 | 2^64 - 1 | 32 | 64 | +,and,or,xor,shr,rot | None |
| SHA-2: SHA-512/384 | 512/384 | 512 | 1024 | 2^128 - 1 | 64 | 80 | +,and,or,xor,shr,rot | None |

Features
The algorithm is used to compute a message digest for a message or data file that is provided as input. The message or data file should be considered to be a bit string. The length of the message is the number of bits in the message (the empty message has length 0). If the number of bits in a message is a multiple of 8, for compactness we can represent the message in hex. The purpose of message padding is to make the total length of a padded message a multiple of 512. In summary, a "1" followed by m "0"s followed by a 64-bit integer is appended to the end of the message to produce a padded message of length 512 * n.

Implementation
In cryptography, a commitment scheme allows one to commit to a value while keeping it hidden, with the ability to reveal the committed value later. Commitments are used to bind a party to a value so that they cannot adapt to other messages in order to gain some kind of inappropriate advantage. They are important to a variety of cryptographic protocols, including secure coin flipping and secure computation schemes. Hash functions are a different cryptographic subject, which deals with producing a unique fingerprint of a message, called a digest, that is fixed in length for a variable-length message. A commitment scheme likewise produces a unique message, called a commitment, for an input message. This is similar to the hash code or message digest generated by hash functions such as SHA. SHA is a hash function which produces a 160-bit fixed-length unique digest for a message of any length in a complex and irreversible manner. In this project SHA is implemented to provide the security in producing the commitment.


Application Diagram of SHA-224/256 in Digital Signatures

SHA produces a 160-bit digest from a message with a maximum length of (2^64 - 1) bits. SHA is based on principles similar to those used in the design of the MD4 and MD5 message digest algorithms, but has a more conservative design. Hash algorithms, also called message digest algorithms, generate a unique message digest for an arbitrary message and fall into the authentication protocols section of cryptography. The same hash functions can be used for commitment schemes, which are important to a variety of cryptographic protocols including secure coin flipping, zero-knowledge proofs, and secure computation. SHA is such a hash function: it is crack resistant, the most secure and less complex hash function present, and can be used for secure commitment scheme applications.

The SHA-1 Hash encryption algorithm specifies a Secure Hash Algorithm, which can be used to generate a condensed representation of a message called a message digest. The algorithm is required for use with the Digital Signature Algorithm (DSA) as specified in the Digital Signature Standard (DSS) and whenever a secure hash algorithm is required. Both the transmitter and the intended receiver of a message use this method in computing and verifying a digital signature. The same SHA-1 algorithm, but employing a variable key size, is used to create the SHA-2 family of functions. The four hash functions that comprise SHA-2 are SHA-224, SHA-256, SHA-384, and SHA-512, with the numeric portion of the name indicating the number of bits in the key. SHA-2 functions are more secure than SHA-1, although not as widely used currently.

SHA-1 Hash is used for computing a condensed representation of a message or a data file. When a message of any length < 2^64 bits is input, the hash algorithm produces a 160-bit output called a message digest. The message digest can then be input to the Digital Signature Algorithm (DSA), which generates or verifies the signature for the message. Signing the message digest rather than the message often improves the efficiency of the process because the message digest is usually much smaller in size than the message. The same hash algorithm must be used by the verifier of a digital signature as was used by the creator of the digital signature.

The SHA-1 Hash is called secure because it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest. Any change to a message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify. SHA-1 is a technical revision of SHA (FIPS 180). A circular left shift operation has been added to the SHA (FIPS 180). SHA-1 improves the security provided by the SHA standard. The SHA-1 is based on principles similar to those used by the MD4 message digest algorithm.


Hash function

One iteration in a SHA-2 family compression function.

The blue components perform the following operations:

The bitwise rotation uses different constants for SHA-512. The given numbers are for SHA-256. The red component is an addition modulo 2^32.

NIST published four additional hash functions in the SHA family, named after their digest lengths (in bits): SHA-224, SHA-256, SHA-384, and SHA-512. The algorithms are collectively known as SHA-2. The algorithms were first published in 2001 in the draft FIPS PUB 180-2, at which time review and comments were accepted. FIPS PUB 180-2, which also includes SHA-1, was released as an official standard in 2002. In February 2004, a change notice was published for FIPS PUB 180-2, specifying an additional variant, SHA-224, defined to match the key length of two-key Triple DES. These variants are patented in US 6829355. The United States has released the patent under a royalty-free license.

SHA-256 and SHA-512 are novel hash functions computed with 32- and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are simply truncated versions of the first two, computed with different initial values.

The SHA-2 functions are not as widely used as SHA-1, despite their better security. Reasons might include lack of support for SHA-2 on systems running Windows XP SP2 or older, a lack of perceived urgency since SHA-1 collisions have not yet been found, or a desire to wait until SHA-3 is standardized. SHA-256 is used to authenticate Debian Linux software packages[5] and in the DKIM message signing standard; SHA-512 is part of a system to authenticate archival video from the International Criminal Tribunal of the Rwandan genocide.[6] SHA-256 and SHA-512 are proposed for use in DNSSEC.[7] Unix and Linux vendors are moving to using 256- and 512-bit SHA-2 for secure password hashing.[8] NIST's directive that U.S. government agencies must stop uses of SHA-1 after 2010,[9] and the completion of SHA-3, may accelerate migration away from SHA-1.

A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the "message," and the hash value is sometimes called the message digest or simply the digest.


The ideal cryptographic hash function has four main or significant properties:
1) it is easy (but not necessarily quick) to compute the hash value for any given message;
2) it is infeasible to generate a message that has a given hash;
3) it is infeasible to modify a message without changing the hash;
4) it is infeasible to find two different messages with the same hash.

Result O/P

References
[1] Wang Xiaoyun, Yu Hongbo and Yiqun Lisa Yin, Efficient Collision Search Attacks on SHA-0[C], CRYPTO 2005.
[2] Wang Xiaoyun, Yiqun Lisa Yin and Yu Hongbo, Finding Collisions in the Full SHA-1[C], CRYPTO 2005.
[3] Huang Chun, Bai Guoqiang, Chen Hongyi. Fast Implementation of the hardware structure of SHA-1 algorithm[J]. Journal of Tsinghua University, 2005(45)1, pp. 123-125.
[4] FIPS PUB 180-3, Secure Hash Standard[S], National Institute of Standards and Technology (NIST), 2008.
[5] Jian Honglun. Proficient VerilogHDL: The example explanation of IC design core technology[M]. Electronics Industry Press, 2005.10.
[6] Yang Xiaohui, Dai Zibin. FPGA-based implementation of SHA-256 algorithm[J], Microcomputer Information, 2006(22)4-2, pp. 146-148.
[7] Jiang Hao, Li Zheying. FPGA design flow based on a variety of EDA tools[J], Microcomputer Information, 2007(23)11-2, pp. 201-203.

Author Profile:

Lalitha Sowmya M is an M.Tech Embedded Systems student at Sridevi Engineering College and an Asst Professor at SSJ Engineering College. She has three years of teaching experience.


Prof Ravikanth is currently working at Sridevi Engineering College. He received his M.E from BITS Pilani and his B.Tech (EEE) from JNTU Hyderabad. He has fifteen years of teaching experience.
