SHA1

Previous page
Table of content
Next page
 <  Day Day Up  >  

SHA stands for Secure Hash Algorithm, and the 1 refers to it being the first ( implying there may be a need for variants in the future). SHA1 creates a fixed- size 20-byte hash output value sometimes called the message digest . It meets all the requirements for a secure one-way hash algorithm for cryptography: It is collision resistant, secure, and efficient.

Collision Resistance

Guessing a second message that maps to the same value as the original message for a 20-byte or 160-bit hash value requires 2 160 random hashes, making it computationally infeasible to find two messages that hash to the same value. There is no attack that is more efficient than brute force.

Guessing a 20-byte hash has a 1 in 2 160 chance of coming up with the original message. By way of scaling this,

2 61 sec is the total lifetime of the universe.

2 170 is the total number of atoms in the earth.

On a 1 billion hashes per second computer (still beyond computing capacity today), brute-force guessing of a 20-byte hash would take 10 22 billion years to accomplish, which is more than the lifetime of the universe.

Security

SHA1 is not based on any assumption like the difficulty of factoring. Therefore, there is no assumption to be proven wrong that will compromise its security.

Simplicity and Efficiency

No large data structures are required in SHA1, and the program to implement it is not complicated (it needs to run identically on client machines as well as server machines). It is suitable for high-speed software implementations and is based on simple bit manipulations on 32-bit operands.

SHA is called secure because it is designed to be computationally infeasible to recover a message corresponding to a given message digest, or to find two different messages that produce the same message digest. Any change to a message in transit will, with a very high probability, result in a different message digest, and the signature will fail to verify. SHA is based on principles similar to those used by Professor Ronald L. Rivest of MIT when designing the MD4 message digest algorithm, and is closely modeled after that algorithm.

 <  Day Day Up  >  

Previous page
Table of content
Next page
Securing Web Services with WS-Security. Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
Securing Web Services with WS-Security: Demystifying WS-Security, WS-Policy, SAML, XML Signature, and XML Encryption
ISBN: 0672326515
EAN: 2147483647
Year: 2004
Pages: 119
Authors: Jothy Rosenberg, David Remy
BUY ON AMAZON
Systematic Software Testing (Artech House Computer Library)
Mapping Hacks: Tips & Tools for Electronic Cartography
An Introduction to Design Patterns in C++ with Qt 4
Java Concurrency in Practice
The Oracle Hackers Handbook: Hacking and Defending Oracle
FileMaker 8 Functions and Scripts Desk Reference
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy