SHA-256 (2024)

Overview

SHA-256 is a member of the SHA-2 family of cryptographic hash functions designed by the NSA. It generates an almost-unique 256-bit (32-byte) signature for a given text input. SHA stands for "Secure Hash Algorithm." Hashing algorithms are mathematical functions that condense data to a fixed size. Many hashing algorithms exist for various purposes; SHA algorithms are used for cryptographic security. Cryptographic hash algorithms produce irreversible and almost unique hashes. They are irreversible in the sense that if you only had the hash, you couldn’t use it to figure out what the original data was, which allows the original data to remain secure and unknown. They are almost unique in the sense that two different pieces of data are extremely unlikely to produce the same hash.

Part of the SHA-2 group of hash algorithms first created by the NSA in 2001 as a successor to SHA-1, SHA-256 is a patented cryptographic hash function. The patent (US6829355B2) for the SHA-256 algorithm was filed by the NSA on March 5th, 2001, listing Glenn M Lilly as the inventor. The patent was granted and published on December 7th, 2004.

From 2011 to 2015, SHA-1 was the primary algorithm used for SSL certificates. Growing research showing the weaknesses of SHA-1 prompted a re-evaluation, and from 2016 onward SHA-2 has been the new standard. Since August 5th, 2015, NIST policy on hash functions has recommended that application and protocol designers implement SHA-256 at a minimum for any applications of hash functions requiring interoperability.

SHA-256 has not yet been compromised in any way. Its 256-bit output makes it a good partner function for AES. It is defined in the NIST (National Institute of Standards and Technology) standard ‘FIPS 180-4’. NIST also provides a number of test vectors to verify the correctness of an implementation.

Process

The SHA-256 algorithm can be separated into five sections.

Padding bits

Extra bits are added to the message so that its length is exactly 64 bits short of a multiple of 512. The first added bit is a one, and the rest are zeroes.

Padding length

Next, 64 bits are added to make the final plaintext a multiple of 512 bits. These 64 bits hold the length of the original cleartext, without the padding, taken modulo 2^64.

[Figure: Padding of the original message in the SHA-256 algorithm.]

Initializing the buffers

The default values for eight buffers and 64 different keys in an array (K[0] to K[63]) are initialized.

Compression functions

The algorithm breaks down the entire message into multiple blocks of 512 bits each. It puts each block through 64 rounds of operation, with the output of each block serving as the input for the following block.

[Figure: Representation of the SHA-256 algorithm.]

The value of K[i] for each round is pre-initialized. W[i] is another input, calculated individually for each block and dependent on the round being processed at the moment.

Output

With each iteration, the final output of the block serves as the input for the next block. The entire cycle repeats until you reach the last 512-bit block, and the final hash digest is output. This digest is 256 bits long, as per the name of this algorithm.

Security

The security of the SHA-256 algorithm is partially dependent on how collision resistant it is, where collision resistance is a probability measurement for two different data inputs to produce the same hash output (i.e. collide with each other). Every hash function with more inputs than outputs will necessarily have collisions. SHA-256 produces 256 bits of output from an arbitrarily large input. Since it must generate one of 2^256 outputs for each member of a much larger set of inputs, the pigeonhole principle guarantees that some inputs will hash to the same output. However, the larger the number of possible hashes, the smaller the chance that two values will create the same hash.

The following are three key properties defining the security of SHA-256:

  1. With 2^256 possible outputs it is almost impossible to reconstruct the initial data from the hash value. Brute-force attacks would need to make 2^256 attempts to generate the initial data.
  2. Having two messages with the same hash value is extremely unlikely (high collision resistance).
  3. Minor changes to the original data alter the hash value so significantly that it’s not apparent the new hash value is derived from similar data (known as the avalanche effect).
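To make the pigeonhole argument and the avalanche effect measurable, the following added example (not part of the original article) truncates SHA-256 to a few bits so that collisions appear quickly, and counts how many digest bits change when one input bit is flipped. The function names and the sample inputs are constructed for illustration.

```python
import hashlib

def truncated(data, bits):
    """First `bits` bits of the SHA-256 digest, as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def find_collision(bits):
    """Hash distinct inputs until two share a truncated digest.

    With 2**bits possible outputs, the pigeonhole principle guarantees a
    repeat within 2**bits + 1 inputs. Returns (input_a, input_b, attempts).
    """
    seen = {}
    for n in range(2**bits + 1):
        msg = b"constructed-input-%d" % n      # constructed sample inputs
        tag = truncated(msg, bits)
        if tag in seen:
            return seen[tag], msg, n + 1
        seen[tag] = msg
    raise AssertionError("unreachable: pigeonhole principle")

def avalanche(msg):
    """Flip each bit of msg once; return (min, mean, max) changed digest bits."""
    base = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    changed = []
    for i in range(len(msg) * 8):
        flipped = bytearray(msg)
        flipped[i // 8] ^= 1 << (i % 8)
        other = int.from_bytes(hashlib.sha256(bytes(flipped)).digest(), "big")
        changed.append(bin(base ^ other).count("1"))
    return min(changed), sum(changed) / len(changed), max(changed)

if __name__ == "__main__":
    for bits in (8, 16, 24):
        a, b, attempts = find_collision(bits)
        print(f"{bits:2d}-bit digest: collision after {attempts} inputs")
    print("bits changed per 1-bit flip (min, mean, max):",
          avalanche(b"constructed sample message 0123"))
```

Each extra bit of output doubles the output space, which is why collisions that are easy to find at 8 to 24 bits are out of reach at the full 256 bits.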

Applications

SHA-256 is commonly used to authenticate digital certificates, such as SSL certificates that ensure a secure link between a website and web browsers. SHA-256 is also the cryptographic hash function used for Bitcoin's Proof of Work mining and in the creation of Bitcoin addresses. SHA-256 is also used in other popular authentication and encryption protocols, including TLS, IPsec, SSH, and PGP. In Unix and Linux.

Article information

Author: Frankie Dare