Common Hashing Algorithms
A cryptographic hash function is similar to a checksum. The main difference is that while a checksum is designed to detect accidental alterations in data, a cryptographic hash function is designed to detect deliberate alterations. When data is processed by a cryptographic hash function, a small string of bits, known as a hash, is generated. The slightest change to the message typically makes a large change in the resulting hash. A cryptographic hash function does not require a cryptographic key.
Common Hashing Algorithms include, Message Digest 5 (MD5), Secure Hash Algorithm (SHA).
Message Digest 5 (MD5) is a widely used cryptographic hash function that produces a 128bit (16byte) hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check data integrity. However, it has been shown that MD5 is not collision resistant. cryptographers began recommending the use of other algorithms, such as SHA1 (which has since been found also to be vulnerable). most U.S. government applications now require the SHA2 family of hash functions.
MD5 processes a variablelength message into a fixedlength output of 128 bits.
Firstly, the input message is broken up into chunks of 512bit blocks; the message is padded so that its length is divisible by 512.
Secondly, a 128bit state, divided into four 32bit words, denoted A, B, C and D, are initialized to certain fixed constants.
The main algorithm then operates on each 512bit message block in turn, each block modifying the state. The processing of a message block consists of four similar stages, termed rounds; each round is composed of 16 similar operations based on a nonlinear function F, modular addition, and left rotation. Figure 1 illustrates one operation within a round.
Figure 1. one round of MD5 operation. M_{i} denotes a 32bit block of the message input, and K_{i} denotes a 32bit constant, different for each operation. _{s} denotes a left bit rotation by s places; s varies for each operation. denotes addition modulo 2^{32}
There are four possible functions F; a different one is used in each round:
denote the XOR, AND, OR and NOT operations respectively.
Secure Hash Algorithm (SHA): The three SHA algorithms are structured differently and are distinguished as SHA0, SHA1, and SHA2. SHA1 is very similar to SHA0, but corrects an error in the original SHA hash specification that led to significant weaknesses. The SHA0 algorithm was not adopted by many applications. SHA2 on the other hand significantly differs from the SHA1 hash function.
SHA1 processes a variablelength message into a fixedlength output of 160 bits, the process is similar to MD5.
Firstly, the input message is broken up into chunks of 512bit blocks; the message is padded so that its length is divisible by 512.
Secondly, a 160bit state, divided into five 32bit words, denoted A, B, C, D and E, are initialized to certain fixed constants.
The main algorithm then operates on each 512bit message block in turn, each block modifying the state. The processing of a message block consists of five similar stages, termed rounds; each round is composed of 16 similar operations based on a nonlinear function F, modular addition, and left rotation. Figure 2 illustrates one operation within a round.
Figure 2. one round of SHA1 operation. F is a nonlinear function that varies; _{n} denotes a left bit rotation by n places; n varies for each operation; W_{t} is the expanded message word of round t; K_{t} is the round constant of round t; denotes addition modulo 2^{32}
SHA2 is a set of cryptographic hash functions (SHA224, SHA256, SHA384, SHA512) designed by the National Security Agency (NSA) and published in 2001 by the NIST as a U.S. Federal Information Processing Standard. SHA2 includes a significant number of changes from its predecessor, SHA1. SHA2 consists of a set of four hash functions with digests that are 224, 256, 384 or 512 bits.
SHA256 and SHA512 are novel hash functions computed with 32 and 64bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA224 and SHA384 are simply truncated versions of the first two, computed with different initial values.
At this point, we should already understood how MD5, SHA1 works, so I will paste the the processing diagram of SHA2 here without explainations.
Figure 3. One iteration in a SHA2 family compression function. The blue components perform the following operations:
The bitwise rotation uses different constants for SHA512. The given numbers are for SHA256. The red is an addition modulo 2^{32}
Algorithm and variant  Output size (bits) 
Internal state size (bits) 
Block size (bits) 
Max message size (bits) 
Word size (bits) 
Rounds  Operations  Collisions found? 


SHA0  160  160  512  2^{64} − 1  32  80  add, and, or, xor, rotate  Yes  
SHA1  Theoretical attack (2^{51})  
SHA2  SHA256/224  256/224  256  512  2^{64} − 1  32  64  add, and, or, xor, shift, rotate  No 
SHA512/384  512/384  512  1024  2^{128} − 1  64  80 
Leave a Reply