The Foreword, Abstract, and Key Words can be found at the end of this document. Name of Standard: Secure Hash Standard. Category of Standard: Computer Security. The message digest can then be input to the Digital Signature Algorithm DSA which generates or verifies the signature for the message. Signing the message digest rather than the message often improves the efficiency of the process because the message digest is usually much smaller in size than the message. The same hash algorithm must be used by the verifier of a digital signature as was used by the creator of the digital signature.
|Published (Last):||27 July 2011|
|PDF File Size:||11.64 Mb|
|ePub File Size:||9.12 Mb|
|Price:||Free* [*Free Regsitration Required]|
Name of Standard: Secure Hash Standard. Category of Standard: Computer Security. The message digest can then be input to the Digital Signature Algorithm DSA which generates or verifies the signature for the message. Signing the message digest rather than the message often improves the efficiency of the process because the message digest is usually much smaller in size than the message.
The same hash algorithm must be used by the verifier of a digital signature as was used by the creator of the digital signature. The SHA-1 is called secure because it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest.
Any change to a message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify. A circular left shift operation has been added to the specifications in section 7, line b, page 9 of FIPS and its equivalent in section 8, line c, page 10 of FIPS This revision improves the security provided by this standard.
Maintenance Agency: U. Applicability: This standard is applicable to all Federal departments and agencies for the protection of unclassified information that is not subject to section of Title 10, United States Code, or section 2 of Title 44, United States Code. Private and commercial organizations are encouraged to adopt and use this standard.
Applications: The SHA-1 may be used with the DSA in electronic mail, electronic funds transfer, software distribution, data storage, and other applications which require data integrity assurance and data origin authentication. The SHA-1 may also be used whenever it is necessary to generate a condensed version of a message.
Implementations: The SHA-1 may be implemented in software, firmware, hardware, or any combination thereof. Export Control: Implementations of this standard are subject to FederalGovernment export controls as specified in Title 15, Code of Federal Regulations, Parts through Exporters are advised to contact the Department of Commerce, Bureau of Export Administration for more information. Implementation Schedule: This standard becomes effective October 2, Cross Index: a. Objectives: The objectives of this standard are to: a.
Specify the secure hash algorithm required for use with the Digital Signature Standard FIPS in the generation and verification of digital signatures; b. Specify the secure hash algorithm to be used whenever a secure hash algorithm is required for Federal applications; and c.
Encourage the adoption and use of the specified secure hash algorithm by private and commercial organizations. Qualifications: While it is the intent of this standard to specify a secure hash algorithm, conformance to this standard does not assure that a particular implementation is secure. The responsible authority in each agency or department shall assure that an overall implementation provides an acceptable level of security.
This standard will be reviewed every five years in order to assess its adequacy. The head of such agency may redelegate such authority only to a senior official designated pursuant to section b of Title 44, United States Code.
Waiver shall be granted only when: a. Compliance with a standard would adversely affect the accomplishment of the mission of an operator of a Federal computer system; or b. Compliance with a standard would cause a major adverse financial impact on the operator which is not offset by Government-wide savings. Agency heads may act upon a written waiver request containing the information detailed above.
Agency heads may also act without a written waiver request when they determine that conditions for meeting the standard cannot be met. Agency heads may approve waivers only by a written decision which explains the basis on which the agency head made the required finding s. In addition, notice of each waiver granted and each delegation of authority to approve waivers shall be sent promptly to the Committee on Government Operations of the House of Representatives and the Committee on Government Affairs of the Senate and shall be published promptly in the Federal Register.
A copy of the waiver, any supporting documents, the document approving the waiver and any accompanying documents, with such deletions as the agency is authorized and decides to make under 5 United States Code Section b , shall be part of the procurement documentation and retained by the agency.
Department of Commerce, Springfield, VA When microfiche is desired, this should be specified. Prices are published by NTIS in current catalogs and other issuances. Payment may be made by check, money order, deposit account or charged to a credit card accepted by NTIS.
The message digest is used during generation of a signature for the message. The SHA-1 is also used to compute a message digest for the received version of the message during the process of verifying the signature.
Any change to the message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify.
The SHA-1 is designed to have the following properties: it is computationally infeasible to find a message which corresponds to a given message digest, or to find two different messages which produce the same message digest.
A hex digit is the representation of a 4-bit string. A word equals a bit string which may be represented as a sequence of 8 hex digits. To convert a word to 8 hex digits each 4-bit string is converted to its hex equivalent as described in a above.
An integer between 0 and - 1 inclusive may be represented as a word. The least significant four bits of the integer are represented by the right-most hex digit of the word representation. Since x and y can be represented as words X and Y, respectively, z can be represented as the pair of words X,Y. A block e. For positive integers n and m, let n mod m be the remainder upon dividing n by m. Thus Sn X is equivalent to a circular shift of X by n positions to the left.
The message or data file should be considered to be a bit string. The length of the message is the number of bits in the message the empty message has length 0. If the number of bits in a message is a multiple of 8, for compactness we can represent the message in hex. The purpose of message padding is to make the total length of a padded message a multiple of The SHA-1 sequentially processes blocks of bits when computing the message digest. The following specifies how this padding shall be performed.
The bit integer is l, the length of the original message. The padded message is then processed by the SHA-1 as n bit blocks. Before it is input to the SHA-1, the message is padded on the right as follows: a. Example: if the original message is "", this is padded to "".
The number of "0"s will depend on the original length of the message. The last 64 bits of the last bit block are reserved for the length l of the original message. Example: Suppose the original message is the bit string After step a this gives 1.
This gives in hex Obtain the 2-word representation of l, the number of bits in the original message. Append these two words to the padded message. Example: Suppose the original message is as in b. The two-word representation of 40 is hex Hence the final padded message is hex The padded message is regarded as a sequence of n blocks M1 , M2, The computation uses two buffers, each consisting of five bit words, and a sequence of eighty bit words.
The words of the word sequence are labeled W0, W1, A single word buffer TEMP is also employed. To generate the message digest, the word blocks M1, M2, The processing of each Mi involves 80 steps. Now M1, M2, To process Mi, we proceed as follows: a. Divide Mi into 16 words W0, W1, This is efficient from the standpoint of minimization of execution time, since the addresses of Wt-3, Then processing of Mi is as follows: a. Divide Mi into 16 words W, Other computation methods which give identical results may be implemented in conformance with the standard.
In step a of Section 4, we append "1". In step b we append "0"s. In step c we append hex , the 2-word representation of Start processing block 1. Block 1 has been processed. Let the message be the binary-coded form cf.
In step c we append the 2-word representation of , i. Start processing block 2. Block 2 has been processed. These mandates have given the Secretary of Commerce and NIST important responsibilities for improving the utilization and management of computers and related telecommunications systems in the Federal Government. The NIST, through its Computer Systems Laboratory, provides leadership, technical guidance, and coordination of Government efforts in the development of standards and guidelines in these areas.
James H. The SHA-1 is used by both the transmitter and intended receiver of a message in computing and verifying a digital signature. Go Back to the Top.
SECURE HASH STANDARD
Federal Information Processing Standards Publications (FIPS PUBS)