Thread: Working with bits and SHA-1

  1. #1
    Registered User
    Join Date
    May 2006
    Posts
    903

    Working with bits and SHA-1

    Hey there. I am studying the SHA-1 algorithm for a project of mine and I was wondering a few things. First, how is SHA-1 supposed to be secure? It produces a hash that does not depend on any private or even public key. Therefore, anyone that catches the SHA-1-encrypted data can decrypt it, given that they eventually find the original message was encrypted with SHA-1.

    My second question is more about coding. SHA-1 depends a lot on working with bits. However, I am not too sure how I would achieve the different tasks (related to bits) required by the algorithm in C++. For example, each chunk is 512 bits wide and the last chunk contains 64 bits of data, etc.

    How would I hold exactly 512 bits in a variable? I know that variable types are not assured to be a fixed size, they vary from implementation to implementation.

    The same question applies for the 64 bits (which are part of the 512-bits-chunk).

    How would I then split everything up into smaller 32-bit chunks? I think the simplest way to achieve this would be to have some kind of 32-bit variable type and then use it (since 32 is a factor of both 64 and 512); however, I don't know how to achieve this either. I know some compilers support features such as __int32 and __int64 (those are on MSVC++ 2003), yet it'd be lovely if I could find a solution that works on all compilers.

    Also, if you guys have suggestions on how to tackle this problem, they are much welcome! I will continue my search and post my results, if any.

    Thanks!

  3. #3
    Master Apprentice phantomotap's Avatar
    Join Date
    Jan 2008
    Posts
    5,108
    Hey there. I am studying [...] was encrypted with SHA-1.
    You seem to be very confused. The SHA algorithms produce a cryptographically secure hash. (At least, they do for now.) This has little or nothing to do with encryption and decryption of the content transmission variety. The point isn't so much to hide the data, but to verify the correctness of the data.

    How would I then split [...] that works on all compilers.
    That's impossible. Code for the environments you actually expect.

    Soma

  4. #4
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,229
    A std::bitset?

    SHA is a secure hashing algorithm, meaning it produces deterministic output on the input, but takes exponential time to "unhash", or calculate the original data from the hash.

    For example, a simple hashing algorithm would be to add up all digits in a number, and take the remainder when divided by 7. Let the hashing function be f(x)

    f(13) = (1+3) % 7 = 4
    f(26) = (2+6) % 7 = 1
    f(78) = (7+8) % 7 = 1

    Note that there are infinitely many different inputs that will produce the same hash, since the input can be indefinitely long, yet the output hash has a definite size (otherwise it will be a perfect compression algorithm).

    This is not a particularly good hash function for security applications, because the set of inputs that would produce a given hash can be easily calculated from the hash. This is what algorithms like SHA-1 aim to avoid.

    Secure hashing algorithms have many uses. For example, without hashing algorithms, OSes would have to store users' passwords in plaintext to be able to authenticate users. With hashing algorithms, they only need to store the hash of passwords. When an authentication request comes in, they hash the incoming password, and compare the hashes. It makes the server more secure, because, for example, even if the server was hacked or stolen, and some bad guy gains access to this password file, he won't be able to get the users' passwords in plaintext (since they cannot "unhash" the hashes).
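
The toy hash from the post above, as an added example that is not part of the original thread: it shows why the digit-sum function is unsuitable for security, since inputs for any hash value can be listed by a short scan or constructed directly. The function names `toy_hash`, `preimages_below` and `forge_collision` are this example's own.

```cpp
#include <cstdint>
#include <vector>

// The toy hash from the post: sum of the decimal digits, modulo 7.
unsigned toy_hash(std::uint64_t x) {
    unsigned sum = 0;
    for (; x > 0; x /= 10) sum += static_cast<unsigned>(x % 10);
    return sum % 7;
}

// Every input in [0, limit) that maps to `target`, found by a plain scan.
// About one input in seven matches, so matches turn up immediately.
std::vector<std::uint64_t> preimages_below(unsigned target, std::uint64_t limit) {
    std::vector<std::uint64_t> out;
    for (std::uint64_t x = 0; x < limit; ++x)
        if (toy_hash(x) == target) out.push_back(x);
    return out;
}

// A second input with the same hash, built without any search:
// appending the digit 7 adds 7 to the digit sum, so sum % 7 is unchanged.
std::uint64_t forge_collision(std::uint64_t x) { return x * 10 + 7; }
```
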

  5. #5
    Registered User
    Join Date
    May 2006
    Posts
    903
    Oh I get the point. It is not really made to be "unhashed" but rather to compare different hashes and see if modifications were made to the original file / message. Thanks for the clarification. I will implement it anyway, it still suits what I am trying to do =)

  6. #6
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,412
    Quote Originally Posted by Desolation
    It is not really made to be "unhashed" but rather to compare different hashes and see if modifications were made to the original file / message.
    If you are just trying to avoid transmission errors then SHA-1 is fine (and might even be overkill). If you are trying to avoid a skilled attacker intending to tamper with the file, then it would be more "future-proof" to avoid SHA-1 since SHA-1 is theoretically broken for collision attacks.

    Back to the question: cyberfish's suggestion of std::bitset sounds like it would work.

  7. #7
    Registered User
    Join Date
    May 2006
    Posts
    903
    Wow the bitset does sound like a great idea. I have never used it before.

    As for SHA-1 being appropriate or not, it actually doesn't really matter right now. I actually just wanted to learn more about encryption algorithms and nothing's better than getting your hands dirty. That's why I'm doing a personal mini cryptography library.
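
The bit handling asked about in the first post, as an added example that is not part of the original thread: a compact SHA-1 that pads the message, walks it in 512-bit chunks and splits each chunk into sixteen big-endian 32-bit words. It uses the fixed-width types from `<cstdint>` (C++11) rather than `std::bitset`; the names `rotl`, `sha1_pad` and `sha1_hex` are this example's own.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Rotate a 32-bit word left by n bits (0 < n < 32).
static std::uint32_t rotl(std::uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }

// SHA-1 padding: a 0x80 byte, zeros up to 56 mod 64, then the message
// length in bits as a 64-bit big-endian integer (the "64 bits" of the last chunk).
std::vector<std::uint8_t> sha1_pad(const std::string& msg) {
    std::vector<std::uint8_t> m(msg.begin(), msg.end());
    const std::uint64_t bits = static_cast<std::uint64_t>(msg.size()) * 8;
    m.push_back(0x80);
    while (m.size() % 64 != 56) m.push_back(0x00);
    for (int s = 56; s >= 0; s -= 8) m.push_back(static_cast<std::uint8_t>(bits >> s));
    return m;
}

// Hash msg and return the 160-bit digest as 40 lowercase hex characters.
std::string sha1_hex(const std::string& msg) {
    std::uint32_t h[5] = {0x67452301u, 0xEFCDAB89u, 0x98BADCFEu, 0x10325476u, 0xC3D2E1F0u};
    const std::vector<std::uint8_t> m = sha1_pad(msg);
    for (std::size_t off = 0; off < m.size(); off += 64) {  // one 512-bit chunk per pass
        std::uint32_t w[80];
        for (int i = 0; i < 16; ++i)                         // sixteen big-endian 32-bit words
            w[i] = (std::uint32_t(m[off + 4*i]) << 24) | (std::uint32_t(m[off + 4*i + 1]) << 16) |
                   (std::uint32_t(m[off + 4*i + 2]) << 8) | std::uint32_t(m[off + 4*i + 3]);
        for (int i = 16; i < 80; ++i) w[i] = rotl(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
        std::uint32_t a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
        for (int i = 0; i < 80; ++i) {
            std::uint32_t f, k;
            if (i < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999u; }
            else if (i < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1u; }
            else if (i < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDCu; }
            else             { f = b ^ c ^ d;                   k = 0xCA62C1D6u; }
            const std::uint32_t t = rotl(a, 5) + f + e + k + w[i];
            e = d; d = c; c = rotl(b, 30); b = a; a = t;
        }
        h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
    }
    static const char hex[] = "0123456789abcdef";
    std::string out;
    for (std::uint32_t v : h)
        for (int s = 28; s >= 0; s -= 4) out += hex[(v >> s) & 0xF];
    return out;
}

int main() { std::printf("%s\n", sha1_hex("abc").c_str()); }
```

The unsigned 32-bit arithmetic wraps modulo 2^32, which is exactly what the SHA-1 additions require, so no explicit masking is needed.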
