**Cryptography Tutorials - Herong's Tutorial Examples** - v5.40, by Dr. Herong Yang

SHA1 Message Digest Algorithm Overview

This section describes the SHA1 algorithm - a 6-step process of padding of '1000...', appending message length, preparing 80 process functions, preparing 80 constants, preparing 5 word buffers, processing input in 512 blocks.

SHA1 algorithm is well described in RFC 3174 - US Secure Hash Algorithm 1 (SHA1), see http://www.ietf.org/rfc/rfc3174.txt. Below is a quick overview of the algorithm.

SHA1 algorithm consists of 6 tasks:

Task 1. Appending Padding Bits. The original message is "padded" (extended) so that its length (in bits) is congruent to 448, modulo 512. The padding rules are:

- The original message is always padded with one bit "1" first.
- Then zero or more bits "0" are padded to bring the length of the message up to 64 bits fewer than a multiple of 512.

Task 2. Appending Length. 64 bits are appended to the end of the padded message to indicate the length of the original message in bytes. The rules of appending length are:

- The length of the original message in bytes is converted to its binary format of 64 bits. If overflow happens, only the low-order 64 bits are used.
- Break the 64-bit length into 2 words (32 bits each).
- The low-order word is appended first and followed by the high-order word.

Task 3. Preparing Processing Functions. SHA1 requires 80 processing functions defined as:

f(t;B,C,D) = (B AND C) OR ((NOT B) AND D) ( 0 <= t <= 19) f(t;B,C,D) = B XOR C XOR D (20 <= t <= 39) f(t;B,C,D) = (B AND C) OR (B AND D) OR (C AND D) (40 <= t <= 59) f(t;B,C,D) = B XOR C XOR D (60 <= t <= 79)

Task 4. Preparing Processing Constants. SHA1 requires 80 processing constant words defined as:

K(t) = 0x5A827999 ( 0 <= t <= 19) K(t) = 0x6ED9EBA1 (20 <= t <= 39) K(t) = 0x8F1BBCDC (40 <= t <= 59) K(t) = 0xCA62C1D6 (60 <= t <= 79)

Task 5. Initializing Buffers. SHA1 algorithm requires 5 word buffers with the following initial values:

H0 = 0x67452301 H1 = 0xEFCDAB89 H2 = 0x98BADCFE H3 = 0x10325476 H4 = 0xC3D2E1F0

Task 6. Processing Message in 512-bit Blocks. This is the main task of SHA1 algorithm, which loops through the padded and appended message in blocks of 512 bits each. For each input block, a number of operations are performed. This task can be described in the following pseudo code slightly modified from the RFC 3174's method 1:

Input and predefined functions: M[1, 2, ..., N]: Blocks of the padded and appended message f(0;B,C,D), f(1,B,C,D), ..., f(79,B,C,D): Defined as above K(0), K(1), ..., K(79): Defined as above H0, H1, H2, H3, H4: Word buffers with initial values Algorithm: For loop on k = 1 to N (W(0),W(1),...,W(15)) = M[k] /* Divide M[k] into 16 words */ For t = 16 to 79 do: W(t) = (W(t-3) XOR W(t-8) XOR W(t-14) XOR W(t-16)) <<< 1 A = H0, B = H1, C = H2, D = H3, E = H4 For t = 0 to 79 do: TEMP = A<<<5 + f(t;B,C,D) + E + W(t) + K(t) E = D, D = C, C = B<<<30, B = A, A = TEMP End of for loop H0 = H0 + A, H1 = H1 + B, H2 = H2 + C, H3 = H3 + D, H4 = H4 + E End of for loop Output: H0, H1, H2, H3, H4: Word buffers with final message digest

Step 5. Output. The contents in H0, H1, H2, H3, H4 are returned in sequence the message digest.

Table of Contents

Introduction to AES (Advanced Encryption Standard)

DES Algorithm - Illustrated with Java Programs

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Encryption Operation Modes

PHP Implementation of DES - mcrypt

Blowfish - 8-Byte Block Cipher

Secret Key Generation and Management

Cipher - Secret Key Encryption and Decryption

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

Private key and Public Key Pair Generation

PKCS#8/X.509 Private/Public Encoding Standards

Cipher - Public Key Encryption and Decryption

►SHA1 Mesasge Digest Algorithm

What Is SHA1 Message Digest Algorithm?

►SHA1 Message Digest Algorithm Overview

Using SHA1 Message Digest in Java

Using SHA1 Message Digest in PHP

Using SHA1 Message Digest in Perl

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

"keytool" and "keystore" from JDK

"OpenSSL" Signing CSR Generated by "keytool"

Migrating Keys from "keystore" to "OpenSSL" Key Files

Certificate X.509 Standard and DER/PEM Formats

Migrating Keys from "OpenSSL" Key Files to "keystore"