ECE 575 Term Project (Prof C. Koc)
Winter 2004
Jarrod Nelson <nelsonja@engr.orst.edu>
For this project, I have created a .dll library file using C# which implements all 4 SHA algorithms (SHA-1, SHA-256, SHA-384, and SHA-512). I also created a simple program which demonstrates the functionality of the .dll file. The library and demonstration files are usable on any system with .NET support [2].
Oftentimes, message integrity can be more important than privacy. Knowing that a message has not been altered in transit is important in a wide range of online applications. It is important to prevent an attacker from intercepting and altering a message in transit. Secure hashing, when combined with digital signature algorithms or keyed-hashing authentication algorithms, is an effective alternative to encrypting or signing an entire message. The four FIPS-approved algorithms for secure hashing are SHA-1, SHA-256, SHA-384, and SHA-512.
Rather than signing or encrypting the entire message, SHA creates a small digest of the message that can then be easily encrypted or signed and used to verify the message. The strength of the SHA algorithms lies in the difficulty of creating 2 different messages with identical hash values. This makes creating a second meaningful message, which could be used by an attacker, almost impossible.
Microsoft has recently created the .NET Framework in an attempt to improve portability and cross-platform support. By using C# and the .NET Framework, I was able to create a library file, containing the SHA algorithms, which could be used by a variety of programs written in different languages and for different platforms.
The library is set up so that it can be used by any .NET-compatible programming language. To use it, simply include it in your project and take advantage of any of the public static methods. The exact manner in which this library is used will depend on the programming language and the development environment. For complete details, please consult the appropriate MSDN .NET Framework documentation or help files.
For each hashing algorithm there are two available methods, MessageSHAx and FileSHAx, where x is the desired algorithm (1, 256, 384, or 512). The methods are called as SHAx.MessageSHAx( <message> ) and SHAx.FileSHAx( <filename> ) and both return a byte array representing the hash value. The byte array is equivalent to an unsigned char array in C++. For MessageSHAx the argument is a byte array containing the message to be hashed. For FileSHAx the argument is a string containing the name (and path if required) of the file to be hashed.
The library also contains several private methods which are for internal use only and should not be accessed by any external programs.
To demonstrate the functionality of the library file, I created a program with a simple GUI which can be used to hash messages or files. To use the demonstration program simply download and unzip this file. When run, the supplied executable presents a simple user interface which allows you to hash files or text messages using any of the 4 supported hash algorithms. First choose either file or text box as the message source and either enter the file name or the message in the indicated field. Next select the desired hash algorithm and click the Hash Message button. The resulting hash value will be displayed in the text box at the bottom of the window.
To test the program, begin by selecting Text Box as the Message Source. Then enter “abc” (without the quotes) into the Text Message area. Select a Hash Function and press the Hash Message button. The results should be as follows [1]:
· SHA-1 a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
· SHA-256 ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad
· SHA-384 cb00753f45a35e8b b5a03d699ac65007 272c32ab0eded163 1a8b605a43ff5bed 8086072ba1e7cc23 58baeca134c825a7
· SHA-512 ddaf35a193617aba cc417349ae204131 12e6fa4e89a97ea2 0a9eeee64b55d39a 2192992a274fc1a8 36ba3c23a3feebbd 454d4423643ce80e 2a9ac94fa54ca49f
Now we can test the hash functions on a multi-block message using the supplied files test1.txt and test2.txt. First select File as the Message source and enter “test1.txt” (without the quotes) as the File Name. Select either SHA-1 or SHA-256 and click the Hash Message button. The results should be as follows [1]:
· SHA-1 84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1
· SHA-256 248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1
Next enter “test2.txt” (without the quotes) as the File Name. Select either SHA-384 or SHA-512 and click the Hash Message button. The results should be as follows [1]:
· SHA-384 09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712 fcc7c71a557e2db9 66c3e9fa91746039
· SHA-512 8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018 501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909
Note: The demonstration will only work if the .NET Framework is installed on your system. All Windows machines on campus should already have it installed.
The algorithms written for this library are not optimized for memory usage. It is strongly recommended that this library only be used to hash files less than 1 GB in length. Very large files may overwhelm your virtual memory system.
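An added example, not part of the original project or its library: a C# cross-check that recomputes the test vectors listed above with the .NET Framework's built-in System.Security.Cryptography classes, feeding the input in fixed-size chunks so memory use does not grow with input size. It assumes test1.txt and test2.txt contain exactly the FIPS 180-2 multi-block messages with no trailing newline; the class name ShaVectorCheck and its helper methods are hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class ShaVectorCheck
{
    // Hash a stream in fixed-size chunks: only one buffer is held in memory,
    // so the input never has to fit in RAM as a whole.
    static string HashStream(HashAlgorithm alg, Stream input, int chunkSize)
    {
        byte[] buffer = new byte[chunkSize];
        int read;
        while ((read = input.Read(buffer, 0, buffer.Length)) > 0)
            alg.TransformBlock(buffer, 0, read, null, 0);
        alg.TransformFinalBlock(buffer, 0, 0);   // triggers padding and finalization
        return BitConverter.ToString(alg.Hash).Replace("-", "").ToLowerInvariant();
    }

    static bool Check(string name, Func<HashAlgorithm> create, string message, string expected)
    {
        byte[] data = Encoding.ASCII.GetBytes(message);
        bool ok = true;
        // Chunk sizes that do and do not align with the 64/128-byte block size must all agree.
        foreach (int chunk in new[] { 1, 7, 64, 4096 })
            using (HashAlgorithm alg = create())
            using (var stream = new MemoryStream(data))
                ok &= HashStream(alg, stream, chunk) == expected.Replace(" ", "");
        Console.WriteLine("{0,-8} {1,3} bytes  {2}", name, data.Length, ok ? "OK" : "MISMATCH");
        return ok;
    }

    static int Main()
    {
        // Assumed contents of test1.txt (m56) and test2.txt (m112), embedded inline.
        const string m56 = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
        const string m112 = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
                          + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
        bool all = Check("SHA-1", () => SHA1.Create(), "abc", "a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d");
        all &= Check("SHA-256", () => SHA256.Create(), "abc", "ba7816bf 8f01cfea 414140de 5dae2223 b00361a3 96177a9c b410ff61 f20015ad");
        all &= Check("SHA-384", () => SHA384.Create(), "abc", "cb00753f45a35e8b b5a03d699ac65007 272c32ab0eded163 1a8b605a43ff5bed 8086072ba1e7cc23 58baeca134c825a7");
        all &= Check("SHA-512", () => SHA512.Create(), "abc", "ddaf35a193617aba cc417349ae204131 12e6fa4e89a97ea2 0a9eeee64b55d39a 2192992a274fc1a8 36ba3c23a3feebbd 454d4423643ce80e 2a9ac94fa54ca49f");
        all &= Check("SHA-1", () => SHA1.Create(), m56, "84983e44 1c3bd26e baae4aa1 f95129e5 e54670f1");
        all &= Check("SHA-256", () => SHA256.Create(), m56, "248d6a61 d20638b8 e5c02693 0c3e6039 a33ce459 64ff2167 f6ecedd4 19db06c1");
        all &= Check("SHA-384", () => SHA384.Create(), m112, "09330c33f71147e8 3d192fc782cd1b47 53111b173b3b05d2 2fa08086e3b0f712 fcc7c71a557e2db9 66c3e9fa91746039");
        all &= Check("SHA-512", () => SHA512.Create(), m112, "8e959b75dae313da 8cf4f72814fc143f 8f7779c6eb9f7fa1 7299aeadb6889018 501d289e4900f7e4 331b99dec4b5433a c7d329eeb6dd2654 5e96e55b874be909");
        return all ? 0 : 1;
    }
}
```

For a real file, pass File.OpenRead(path) as the stream in place of the MemoryStream; the digest is the same while only one chunk-sized buffer is resident at a time.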
The portability of the library file created for this project is dependent entirely on Microsoft’s .NET Framework. You must have the .NET Framework installed in order to use it.
Executable and Library Files
[1] NIST. “Federal Information Processing Standards Publication 180-2 Announcing the Secure Hash Standard.”
[2] A. Troelsen. “C# and the .NET Platform.” APress. Jun 2001.