Message Digest : MD5 algorithm, SHA-1 algorithm

PCIT303: Cryptography and Information Security
Sanjivani Rural Education Society’s
Sanjivani College of Engineering, Kopargaon-423603
(An Autonomous Institute Affiliated to Savitribai Phule Pune University, Pune)
NACC ‘A’ Grade Accredited, ISO 9001:2015 Certified
Department of Information Technology
(UG Programme - NBAAccredited)
Dr. M.A. Jawale
Professor and Head, Dept. of IT

Unit III : Message Digest
▪ Two Simple Hash Functions
a) MD5 algorithm,
b) SHA-1 algorithm
Unit-III: Part-II Message Digest Prof. Dr. Madhuri Jawale Department of Information Technology

MD5 Algorithm
▪ MD5 is a message digest algorithm developed by Ron Rivest.
▪ MD5 is quite fast and produces 128-bit message digests.
▪ Input text is processed in 512-bit blocks (which are further divided into 16 32-bit
sub-blocks). The output of the algorithm is a set of four 32-bit blocks, which make
up the 128-bit message digest.

How MD5 Works?
▪ Step 1: Padding The first step in MD5 is to add padding bits to the original message.
The aim of this step is to make the length of the original message equal to a value,
which is 64 bits less than an exact multiple of 512.
▪ For example, if the length of the original message is 1000 bits, we add a padding of
472 bits to make the length of the message 1472 bits. This is because, if we add 64
to 1472, we get 1536, which is a multiple of 512 (because 1536 = 512 x3).
▪ Thus, after padding, the original message will have a length of 448 bits (64 bits less
than 512), 960 bits (64 bits less than 1024), 1472 bits (64 bits less than 1536), etc.

Continue….
▪ The padding consists of a single 1-bit, followed by as many 0-bits, as required. Note
that padding is always added, even if the message length is already 64 bits less than a
multiple of 512.
▪ Thus, if the message were already of length say 448 bits, we will add a padding of 512
bits to make its length 960 bits. Thus, the padding length is any value between 1 and
512.
▪ The padding process is shown in below Figure.

Continue….
Padding Process

Continue….
▪ Step 2: Append length After padding bits are added, the next step is to calculate the
original length of the message and add it to the end of the message, after padding.
▪ The length of the message is calculated, excluding the padding bits (i.e. it is the length
before the padding bits were added). For instance, if the original message consisted of
1000 bits and we added a padding of 472 bits to make the length of the message 64
bits less than 1536 (a multiple of 512), the length is considered as 1000 and not 1472
for the purpose of this step.
▪ This length of the original message is now expressed as a 64-bit value and these 64
bits are appended to the end of the original message + padding.

Continue….
Append Length

Continue….
▪ Step 3: Divide the input into 512-bit blocks Now, we divide the input message into
blocks, each of length 512 bits.
Data is divided into 512-bit blocks

Continue….
▪ Step 4: Initialize chaining variables In this step, four variables (called as chaining
variables) are initialized. They are called as A, B, C and D. Each of these is a 32-bit
number. The initial hexadecimal values of these chaining variables are shown in
Figure.
Chaining variables

Continue….
▪ Step 5: Process blocks After all the initializations, the real algorithm begins. There is
a loop that runs for as many 512-bit blocks as are in the message.
▪ Step 5.1: Copy the four chaining variables into four corresponding variables, a, b, c
and d (note the smaller case). Thus, we now have a = A, b = B, c = C and d = D. This
is shown in below Figure.
Copying chaining variables into temporary variables

Continue….
▪ Actually, the algorithm considers the combination of a, b, c and d as a 128-bit single
register (which we shall call as abcd). This register (abcd) is useful in the actual
algorithm operation for holding intermediate as well as final results. This is shown in
below Figure.
Abstracted view of the chaining variables

Continue….
▪ Step 5.2 Divide the current 512-bit block into 16 sub-blocks. Thus, each sub-block
contains 32 bits.
Sub-blocks within a block

Continue….
▪ Step 5.3: Now, we have four rounds. In each round, we process all the 16 sub-blocks
belonging to a block. The inputs to each round are: (a) all the 16 sub-blocks, (b) the
variables a, b, c, d and (c) some constants, designated as t.
Conceptual process within a round

Continue….
One MD5 operation

Continue….
▪ We can mathematically express a single MD5 operation as follows:
a = b+ ((a + Process P (b, c,. d) + M[i] + T[k]) <<< s)
Where,
a, b, c, d = Chaining variables, as described earlier
Process P = A non-linear operation, as described subsequently
M[i] = M[q x 16 + i], which is the ith 32-bit word in the qth 512-bit block of
the message
t[k] = A constant
<<<S = Circular left shift by S bits

Continue….

Continue….
1. A process P is first performed on b, c and d. This process P is different in all the four
rounds.
2. The variable a is added to the output of the process P (i.e. to the register abcd).
3. The message sub-block M[i] is added to the output of Step 2 (i.e. to the register
abcd).
4. The constant t[k] is added to the output of Step 3 (i.e. to the register abcd).
5. The output of Step 4 (i.e. the contents of register abcd) is circular-left shifted by s
bits.
6. The variable b is added to the output of Step 5 (i.e. to the register abcd).
7. The output of Step 6 becomes the new abcd for the next step.

Secure Hash Algorithm - I
▪ The National Institute of Standards and Technology (NIST) along with NSA
developed the Secure Hash Algorithm (SHA).
▪ In 1993, SHA was published as a Federal Information Processing Standard (FIPS PUB
180). It was revised to FIPS PUB 180-1 in 1995 and the name was changed to SHA-1.
▪ SHA is a modified version of MD5 and its design closely resembles MD5.
▪ SHA works with any input message that is less than 264 bits in length. The output of
SHA is a message digest, which is 160 bits in length (32 bits more than the message
digest produced by MD5).

Continue…..
▪ The word Secure in SHA was decided based on two features. SHA is designed to be
computationally infeasible to:
(a) Obtain the original message, given its message digest and
(b) Find two messages producing the same message digest

How SHA Works
▪ Step 1: Padding Like MD5, the first step in SHA is to add padding to the end of the
original message in such a way that the length of the message is 64 bits short of a
multiple of 512. Like MD5, the padding is always added, even if the message is
already 64 bits short of a multiple of 512.
▪ Step 2: Append length The length of the message excluding the length of the padding
is now calculated and appended to the end of the padding as a 64-bit block.
▪ Step 3: Divide the input into 512-bit blocks The input message is now divided into
blocks, each of length 512 bits. These blocks become the input to the message digest
processing logic.

Continue…..
▪ Step 4: Initialize chaining variables Now, five chaining variables A through E are
initialized.
▪ In the case of SHA, we want to produce a message digest of length 160 bits, we need
to have five chaining variables here (5x 32 = 160 bits). In SHA, the variables A
through D have the same values as they had in MDS. Additionally, E is initialized to
Hex C3 D2 EI FO.

Continue…..
▪ Step 5: Process blocks Now the actual algorithm begins. Here also, the steps are quite
similar to those in MD5.
▪ Step 5.1: Copy the chaining variables A-E into variables a-e. The combination of a-e,
called as abcde will be considered as a single register for storing the temporary
intermediate as well as the final results.
▪ Step 5.2: Now, divide the current 512-bit block into 16 sub-blocks, each consisting of
32 bits.
▪ Step 5.3: SHA has four rounds, each round consisting of 20 steps. Each round takes the
current 512-bit block, the register abcde and a constant K[t] (where t = 0 to 79) as the
three inputs.

Continue…..
▪ Step 5.3: SHA has four rounds, each round consisting of 20 steps. Each round takes the
current 512-bit block, the register abcde and a constant K[t] (where t = 0 to 79) as the
three inputs.
▪ It then updates the contents of the register abcde using the SHA algorithm steps. Also
notable is the fact that we had 64 constants defined as t in MD5. Here, we have only
four constants defined for K[t], one used in each of the four rounds.

Continue…..
▪ Step 5.4: SHA consists of four rounds, each round containing 20 iterations. This makes
it a total of 80 iterations.
▪ Mathematically, an iteration consists of the following operations:
abcde = (e + Process P + s³ (a) + W[t] + K[t]), a, s30 (b), c, d
Where,
▪ abcde = The register made up of the five variables a, b, c, d and e
▪ Process P = The logical operation,
▪ St = Circular-left shift of the 32-bit sub-block by t bits
▪ W[t] = A 32-bit derived from the current 32-bit sub block,
▪ K[t] = One of the five additive constants,

Continue…..

Single SHA-1 iteration

Continue…..
▪ The values of W[t] are calculated as follows:
▪ For the first 16 words of W (i.e. t = 0 to 15), the contents of the input message sub-
block M[t] become the contents of W[t] straightaway. That is, the first 16 blocks of the
input message M are copied to W.
▪ The remaining 64 values of W are derived using the equation:
▪ W[t] = s¹ (W [t – 16] XOR W[t – 14] XOR W[t - 8]XOR W[t - 3])
▪ As before, s1 indicates a circular-left shift (i.e. rotation) by 1 bit position.
▪ Thus, we can summarize the values of W as shown in below Table

Comparison of MD5 and SHA-1

Reference
1. Atul Kahate, “Cryptography and Network Security”, Second Edition, Chapter 4.

Message Digest : MD5 algorithm, SHA-1 algorithm

More Related Content

Similar to Message Digest : MD5 algorithm, SHA-1 algorithm

More from Dr. Madhuri Jawale

Recently uploaded

Message Digest : MD5 algorithm, SHA-1 algorithm