Message Digests

Message Digest:

  • A message digest is a sequence of bits produced for an input string, using an one-way function. 

  • The input string could be a phrase or a number sequence from the mind of a person, from a text written on a paper, from an operating system file or from a database table.

  • As the name suggests, it is of very short form, a digest, regardless of the size of the input string. As of this writing, commonly used message digests vary from 128 bits to 512 bits and more. For example, a message as succinct as "Hello World!" and a file content running to several Giga Bytes, both will produce the message digests of same given length. For example, 512 bits using a specific algorithm such as SHA-512.

  • Thus, the process of hashing produces a hash(message digest) which is cryptic enough to the extent that from the hash, the input that created the hash can not be derived. Hashing does not involve any key and the produced message digest is not meant for decryption.

Hash Functions

  • When a message is sent over the network from one place to another, the message is verified for its authenticity by calculating the hash again using the chosen hashing algorithm. If the hashes match, the message is not altered en-route and considered authentic.
  • There are various algorithms that produce message digests: MD5, SHA, BLAKE and others.

Essential properties of a Message Digest function:

  • Preimage resistance: Preimage resistance can be read as the “infeasibility to retrieve the original message,i.e,the preimage, from a message digest”.

  • Second preimage resistance: Second preimage is the term used to refer to a message(m2) for which a hash function will produce the same hash as for a given first message(m1). Second preimage resistance is the “infeasibility to find a second message(m2), that corresponds to a message digest produced for a given message(m1)”. Of course, the precondition is m1 should not be equal to m2.

  • Collision-resistance: Collision-resistance means any two input messages should not produce the same message digest.

  • Avalanche Effect: When a single character changes in the input message, the corresponding message digest drastically changes.

The MDx Message Digest Functions:

  • The MDx group of message digest functions, the MD2, MD4 and MD5 were developed by Prof.Ronald Rivest as an improvement over each of its current version.

  • All of them were popular and were used in SSL certificates as well.

  • However, all of them are now obsolete to be used as a secure hash and hence not recommended for using in any non-trivial application.

SHA Messsage Digest Functions:

  • SHA stands for Secure Hash Algorithms, which are a set of hash functions that include SHA-0, SHA-1, SHA-2 and SHA-3.

  • SHA-0 and SHA-1 are no longer recommended for using in any secure applications.

  • SHA-2 consists of SHA-256 and SHA-512 algorithms. SHA-256 works on 32 bit sized words and emits a message digest of 256 bits length. The SHA-512 hash function works on 64 bit sized words and outputs a message digest with a length of 512 bits.

  • The applications of SHA-256 hash function encompasses

    • Password Hashes

    • The TLS protocol

    • Creation of Merkle Root in the Bitcoin blocks and creation of Bitcoin addresses

Message Digest functions supported by the hashlib module of Python:

  • As of this writing, Python supports message digests based on the MDx,SSH and BLAKE algorithms. The following Python program lists the message digests supported by the hashlib library of Python.

Example 1 - List the hash functions in hashlib:

# Example Python program that lists the message
# digest algorithms available through the hashlib
# module
import hashlib

print("Available message digest algorithms:");
print(hashlib.algorithms_available);

Output:

Available message digest algorithms:
{'sha3-224', 'sha3-384', 'sha512-256', 'sha384', 'shake_128', 'blake2s256', 'whirlpool', 'sha3_256', 'md5-sha1', 'sha3-512', 'md5', 'sha3_512', 'sha512', 'sha224', 'shake_256', 'blake2b512', 'sha512-224', 'sha256', 'sha3_384', 'blake2s', 'sm3', 'sha3-256', 'ripemd160', 'shake256', 'md4', 'sha3_224', 'shake128', 'sha1', 'blake2b'}

Example 2 - Generate MDx, SHA and BLAKE hashes using Python:

# Example Python program that creates message digests
# using MD5, SHA-256, SHA-512 and BLAKE2b hash functions
import hashlib

msg = b"Hello World";
print("Message:%s"%msg);

# Create an MD5 hash
md5Object = hashlib.md5();
md5Object.update(msg);
md5Digest = md5Object.hexdigest();
print("MD5 hash:");
print(md5Digest);

# Create an SHA-256 hash
sha256Object = hashlib.sha256();
sha256Object.update(msg);
digest_sha256 = sha256Object.hexdigest();
print("Sha-256 hash:");
print(digest_sha256);

# Create an SHA-512 hash
sha512Object = hashlib.sha512();
sha512Object.update(msg);
digest_sha512 = sha512Object.hexdigest();
print("Sha-512 hash:");
print(digest_sha512);

# Create a Blake2b hash
blake2bObject = hashlib.blake2b();
blake2bObject.update(msg);
digest_blake2b = blake2bObject.hexdigest();
print("Blake2b hash:");
print(digest_blake2b);

Output:

Message:b'Hello World'
MD5 hash:
b10a8db164e0754105b7a99be72e3fe5
Sha-256 hash:
a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e
Sha-512 hash:
2c74fd17edafd80e8447b0d46741ee243b7eb74dd2149a0ab1b9246fb30382f27e853d8585719e0e67cbda0daa8f51671064615d645ae27acb15bfb1447f459b
Blake2b hash:
4386a08a265111c9896f56456e2cb61a64239115c4784cf438e36cc851221972da3fb0115f73cd02486254001f878ab1fd126aac69844ef1c1ca152379d0a9bd

 


Copyright 2024 © pythontic.com