{"id":20335,"date":"2023-11-23T13:24:29","date_gmt":"2023-11-23T07:54:29","guid":{"rendered":"https:\/\/networkinterview.com\/?p=20335"},"modified":"2023-11-23T13:24:29","modified_gmt":"2023-11-23T07:54:29","slug":"sha-256-secure-hash-algorithms","status":"publish","type":"post","link":"https:\/\/networkinterview.com\/sha-256-secure-hash-algorithms\/","title":{"rendered":"A Definitive Guide to SHA-256 (Secure Hash Algorithms)"},"content":{"rendered":"<div class=\"netwo-in-between-content netwo-entity-placement\" id=\"netwo-101691072\"><div id=\"netwo-2230149530\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1375203873676133\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-1375203873676133\" \ndata-ad-slot=\"2134143805\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><\/div><p><span style=\"font-weight: 400;\"><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/difference-between-encryption-and-hashing\/\" target=\"_blank\" rel=\"noopener\">Hashing and encryption<\/a><\/span> are one of the key mechanisms to secure data.\u00a0 A variety of algorithms exist in the cyber world to secure data with different key lengths\u00a0 &#8211; 64-bit, 128-bit, 256 bit and so on. However, the secure hash algorithm with digest size of 256 bits or SHA-256 is one of the most popular and widely used algorithms in real world applications for data security.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Today we look more in detail about Secure hash algorithm \u2013 SHA-256, how it works, what its features and use cases are.\u00a0<\/span><\/p>\n<h2><b>What is Hashing?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Hashing is a technique to scrambling raw data to the extent that it becomes impossible to reproduce it in its original form. It takes a piece of information which goes through a function which performs mathematical operations on the plaintext. This function is referred to as \u2018Hashing\u2019 and its output is termed as \u2018digest or value\u2019.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The hash function is responsible for conversion of plaintext into respective hash digest. Hash functions provide the same output value if input is not changed, irrespective of the number of iterations it is undergone.<\/span><\/p>\n<h3>Hashing Functions<\/h3>\n<p><span style=\"font-weight: 400;\">Hashing provides two functions:\u00a0<\/span><\/p>\n<ol>\n<li><span style=\"font-weight: 400;\"><strong>Password hashes \u2013<\/strong> converts user password into hash value before being stored on a web server. Hash value re-calculation occurs to match it with stored value.<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>Integrity verification \u2013<\/strong> when a file is uploaded on a website, it shares its hash value as a bundle. When a user downloads a file it recalculates hash and compares it with established data integrity.\u00a0<\/span><\/li>\n<\/ol>\n<h2><b>Secure Hash Algorithms (SHA-256)\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">SHA 256 is part of the SHA2 algorithm family published in the year 2001. It was a joint effort between NSA and NIST to introduce SHA successor to SHA 1 which was losing its battle with <span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/www.fortinet.com\/resources\/cyberglossary\/brute-force-attack\" target=\"_blank\" rel=\"noopener\">brute force attacks<\/a><\/span>. The hash value will always be 256-bit. Let&#8217;s look in detail at its characteristics.\u00a0<\/span><\/p>\n<h3>Characteristics:<\/h3>\n<ul>\n<li><span style=\"font-weight: 400;\"><strong>Message length \u2013<\/strong> Cleartext length should be less than 264 bits. The size needs to be in the compression area to make the digest as random as possible.<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>Digest length \u2013<\/strong> hash digest should be 256 bits in SHA-2 and 512 in SHA-512. Bigger digest means more calculations at the cost of speed and space.\u00a0<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>Irreversibility \u2013<\/strong> All SHA functions are irreversible as per their design characteristic. You will never get plaintext before having digest in hand nor will digest provide its original value while passing through the hash function again.<\/span><\/li>\n<\/ul>\n<h2><b>Process: Secure Hash Algorithms (SHA-256)\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Let&#8217;s look at different steps in the process of Secure Hash Algorithms (SHA-256).<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Padding bits \u2013<\/strong> some extra bits are added to the message, the length is exactly 64 bits short of multiple of 512. During the addition of extra bits, the first bit should be one and rest bits can be zero.\u00a0<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-20343\" src=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/11\/A-Definitive-Guide-to-SHA-256-Secure-Hash-Algorithms-1.jpg\" alt=\"\" width=\"800\" height=\"454\" srcset=\"https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/11\/A-Definitive-Guide-to-SHA-256-Secure-Hash-Algorithms-1.jpg 800w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/11\/A-Definitive-Guide-to-SHA-256-Secure-Hash-Algorithms-1-768x436.jpg 768w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/11\/A-Definitive-Guide-to-SHA-256-Secure-Hash-Algorithms-1-300x170.jpg 300w, https:\/\/networkinterview.com\/wp-content\/uploads\/2023\/11\/A-Definitive-Guide-to-SHA-256-Secure-Hash-Algorithms-1-600x341.jpg 600w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Padding length \u2013<\/strong> Adding 64 bits of data to make the final plaintext multiple of 512. Calculate these 64 bits of characters by applying modulus to the initial plaintext without padding.<\/span><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Initialization of buffer \u2013<\/strong> Initialize the default value for eight buffers to be used in rounds. You also need to store 64 different keys in an array.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Compression function \u2013<\/strong> the complete message is broken down into multiple blocks of 512 bits. It puts each block via 64 rounds of operation, with output of each block serving as input to the next block.<\/span><\/p>\n<p><span style=\"font-weight: 400;\"><strong>Output \u2013<\/strong> with every iteration, the output of a block serves as input to the next block. This entire cycle keeps repeating itself until you reach the last 512-bit block and its output is considered the final hash value \/ digest. The length of this digest would be SHA-256.\u00a0\u00a0<\/span><\/p>\n<h2><strong>SHA-256 Applications<\/strong><\/h2>\n<ul>\n<li><span style=\"font-weight: 400;\"><strong>Digital signature verification \u2013<\/strong> Digital signatures use asymmetric encryption to validate document \/ files authenticity. Hash algorithm SHA-256 ensures signatures authenticity in the most secure manner.<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>Password hashing \u2013<\/strong> websites store user passwords in hashed format and most of the websites use SHA-256 as the most secure way to protect user identity and privacy.<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>SSL handshake \u2013<\/strong> The SSL handshakes use encryption and hashing authentication to prepare a secure connection<\/span><\/li>\n<li><span style=\"font-weight: 400;\"><strong>Integrity checking \u2013<\/strong> Verification of file integrity helps to maintain full value functionality of the stored files and ensures that they are not altered or tampered during transit.\u00a0<\/span><\/li>\n<\/ul>\n<h2><span style=\"color: #ff6600;\">Continue Reading:<\/span><\/h2>\n<p><span style=\"color: #0000ff;\"><em><strong><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/static-hashing-vs-dynamic-hashing\/\" target=\"_blank\" rel=\"noopener\">Static Hashing vs Dynamic Hashing<\/a><\/strong><\/em><\/span><\/p>\n<p><span style=\"color: #0000ff;\"><em><strong><a style=\"color: #0000ff;\" href=\"https:\/\/networkinterview.com\/web-application-vulnerabilities\/\" target=\"_blank\" rel=\"noopener\">8 Common Web Application Vulnerabilities<\/a><\/strong><\/em><\/span><\/p>\n<div class=\"netwo-after-content netwo-entity-placement\" id=\"netwo-809056682\"><div id=\"netwo-1922785778\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-1375203873676133\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-1375203873676133\" \ndata-ad-slot=\"2134143805\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Hashing and encryption are one of the key mechanisms to secure data.\u00a0 A variety of algorithms exist in the cyber world to secure data with different key lengths\u00a0 &#8211; 64-bit, 128-bit, 256 bit and so on. However, the secure hash &hellip; <\/p>\n","protected":false},"author":146,"featured_media":20342,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,79],"tags":[],"class_list":["post-20335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-techblog","category-security"],"_links":{"self":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts\/20335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/users\/146"}],"replies":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/comments?post=20335"}],"version-history":[{"count":0,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/posts\/20335\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/media\/20342"}],"wp:attachment":[{"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/media?parent=20335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/categories?post=20335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/networkinterview.com\/wp-json\/wp\/v2\/tags?post=20335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}