5.3 SHA-1


5.3 SHA-1

Similar to MD4

Algorithm description

  • Input of algorithm: any message less than 264 bit long is divided into 512 bit long packets.
  • Output of algorithm: 160 bit long message summary.
  • The block diagram of the algorithm is the same as MD5, but the length of hash value and link variable is 160 bits

Video of station B — very good explanation (three times in a row)


Step description:

  • Complement – make all lengths 512bit
  • Processing of packets (512bit each)
  • For the first 512bit, give an initial buffer connection variable ABCDE, and then the first 512bit will get 160bit
  • The 160bit generated in the first step becomes the link variable ABCDE in the second step, and the operation with 512bit in the second step will get 160bit
  • This is repeated continuously to obtain the final 160bit

1. Populate message

  • Fill the message so that its specific length is 448 under module 512, that is, the length of the filled message is a multiple of 512 minus 64, leaving 64 bits for the second step.

    • Note: Step 1 is required. Even if the message length meets the requirements, it still needs to be filled in.
  • For example, if the message length is 24bit, one 1423 zeros will be filled, and finally 64bit vacancy will be left.

  • Leave 64 bits. The largest number that can be expressed is 2 ^ 64 – 1. (why can it represent the original length? Hello!!)

2. Additional message length

  • The 64 bits set aside in the first step are used to represent the length before the message is filled.
  • If the message length is greater than 2 ^ 64, take 264 as the modulus.

3. Initialize MD buffer

  • Use a 160 bit buffer to store intermediate results and final hash values. The buffer is five 32-bit registers that store data in big endian mode [hexadecimal]
  • Big endian mode means that the high byte of data is saved in the low address of memory, and vice versa

4. Packet processing


The first 16 are copied m, and the latter w needs to be calculated in turn.

  • Original 512bit = 16 32bit m [0], m [1] M[15]
  • After expansion!!
  • 80 32bit w [0], w [1] W[79]

SHA1 has four rounds of operations, 20 = in each round, and then generates 160bit. The 160bit message summary is stored in five 32bit link variables

The addition of this process is modulo 2 ^ 32

80 rounds of operation

In other words, after performing some operation on ABCDE in turn, ABCDE gets a new value. This is 80 rounds

Explanation of T in 80 rounds of operation

  • ROTL ^ 5 fifth left shift operation
  • FT is the wheel function, which varies according to t
  • KT is a constant function, which is also related to t

5. Output the 160bit summary message generated by the first 512bit (enter the next round)


  • ABCDE is obtained after 80 rounds of operation.
  • H0 – H4 on the right are the initial link variables
  • H0 – H4 on the left is the first 160bit output

Is it more than one 512bit packet

  • If there is only one 512bit packet here, it will end here
  • But if there are many 512bit