SHAs: The One-Way To Security

Published in Hack A BIT, Oct 17, 2019

Encryption…Why and Where?

“If you know the enemy and know yourself, you need not fear the result of a hundred battles.” ~ The Art of War

Battle plans have always had to travel far and wide without falling into the wrong hands. That need has produced codes, ciphers and encryption techniques for as long as humans have been able to see themselves as individuals and tell their own faction from others. This sense of individuality and community is what creates a personal identity.

In a world where such private information is constantly generated, accessed, analyzed and transferred, and in turn drives the personalization of software and advertising, keeping it safe matters a great deal. Any leak or misuse can lead to identity theft on a larger scale than one might imagine. Beyond the obvious personal data lie GPS traces, an individual’s typing and cursor patterns, online wallet data, and records of preferences such as browsing history, reactions to advertisements and social-media engagement.

Encryption, in turn, provides the confidentiality these data require. At the macro level, cryptography can make or break a nation (Enigma) and affect the whole of humanity.

Encryption in BlockChain

Blockchain has been billed as the next big thing ever since it was conceived. Its decentralized design means there is no central authority; that removes middlemen, but it also opens new threats from malicious nodes, because every member node has open access to the network.

Bitcoin transactions are therefore public, and a naive design would expose everything about the parties involved. To limit what a malicious participant can do with that visibility, cryptography, and hash functions such as the SHAs in particular, has been part of blockchain since its inception.

For Bitcoin and similar systems, transaction verification must be public so that approved transactions can be committed, via the Merkle root, to the longest chain. A public key (discussed below) is enough for that verification, so the private key stays secret to the party making the transaction.

Basic Introduction to One-Way Functions

Starting from the idea of keys, the notion of a one-way function can be made concrete.

Keys:

Keys belong to public-key cryptography, which is where the blockchain uses them alongside hashing. A transaction is signed with the sender’s private key and verified with the matching public key. The public key is published for anyone to use and acts like a window: anyone can look in, check the transaction, confirm that it fits the block’s nonce and Merkle root, and add the block to the longest chain. What they cannot do is modify the transaction or forge the digital signature on it, because only the holder of the private key can produce that signature, and recovering the private key from the public key by brute force is prohibitively expensive. A hash function is more restrictive still: it has no key at all, so a digest can be computed by anyone and reversed by no one.

The whole idea rests on functions that are cheap to compute in one direction and enormously expensive in time, memory and computation to reverse without the right key (or, for a hash, to reverse at all).

The idea of a Modulo Hash:

A simple illustration of a lossy, one-way mapping is the modulo operation:

Let a % m = n and b % m = n with a ≠ b: two different inputs map to the same output n.

So even if a and b are poles apart numerically, as long as m is small the result n falls in a small range and many inputs share each bucket. Given only n and m there is no way to tell which input produced it, so information is genuinely lost. But that is the only sense in which modulo is one-way: anyone can write down an input that maps to n (n itself, or n plus any multiple of m), so it is neither preimage-resistant nor collision-resistant. A cryptographic hash has to keep the lossiness while making those two tasks infeasible.

Why SHAs: What They Provide?

“Somebody will be able to overcome any encryption technique you use!” ~ Noam Chomsky

It may be etched in stone that the future always holds someone who will break the records of the past, and cryptography abides by that rule. SHA-0, celebrated in its day, now yields a collision in under 2³⁴ operations, roughly an hour on an ordinary PC. That leaves only one way to keep an algorithm safe in practice: make it as hard to break as possible. The SHA family is designed with exactly that in mind.

SHA stands for Secure Hash Algorithm. Its important properties are:

● Determinism: As the modulo example shows, a hash is useless unless it gives a definite answer. The same message always produces the same digest, on any machine, so two parties can compare digests without sharing anything else.

● Unpredictability (the avalanche effect): Even a one-bit change in the input produces a drastically different digest, so the output shows no visible pattern related to the input.

● Irreversibility (preimage resistance): Already stressed above, and the prime reason SHAs exist: given a digest there is no feasible way to recover a message that produces it.

● Uniqueness (collision resistance): The modulo function hands out the same result to many messages. A SHA is designed so that finding any two messages with the same digest is computationally infeasible, even though collisions must exist, since there are far more messages than 256-bit digests. Note that a hash is never decrypted, by a trusted party or anyone else; integrity is checked by recomputing the digest and comparing.

● Fixed-length output: Hashing compresses a message of any length to a short, fixed-size digest, which saves storage and makes comparison cheap.

● Adoption in SSL/TLS: SHA-256 is the workhorse of TLS certificate signatures today. Even though SHA-256 has not been broken, NIST standardized SHA-3 in 2015 with a completely different internal structure, so a future break of SHA-2 would not carry over to it.
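The properties listed above, and the modulo hash from the earlier section, can be seen side by side with a few lines of Python. This is an added example, not code from the article, and it uses Python’s standard hashlib for SHA-256; every message in it is constructed here. The last function does a birthday search on a truncated digest, which shows where the difficulty of finding collisions actually comes from: the expected work is about 2 to the power of half the digest length, trivial for 16 bits and hopeless for 256.

```python
import hashlib

# Added example (not the article's code): hash properties versus the toy
# modulo "hash". All inputs are constructed for the demonstration.


def modulo_hash(a: int, m: int) -> int:
    """The article's toy one-way mapping: a reduced modulo m."""
    return a % m


def modulo_collision(a: int, m: int) -> int:
    """A different integer with the same modulo hash as a.

    Any a + k*m collides, so collisions and preimages cost nothing:
    the function loses information but is not hard to invert.
    """
    return a + m


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hamming_distance(x: bytes, y: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(a ^ b).count("1") for a, b in zip(x, y))


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Copy of data with one bit flipped (bit 0 is the LSB of byte 0)."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def avalanche(data: bytes, bit_index: int = 0) -> int:
    """How many of the 256 digest bits change when one input bit flips.

    For an ideal hash this is about 128, i.e. half of them.
    """
    return hamming_distance(sha256(data), sha256(flip_bit(data, bit_index)))


def is_deterministic(data: bytes, rounds: int = 5) -> bool:
    first = sha256(data)
    return all(sha256(data) == first for _ in range(rounds))


def truncated_collision(prefix_bits: int = 16):
    """Birthday search: two distinct messages whose SHA-256 digests agree
    on the first prefix_bits bits.

    Expected work is about 2 ** (prefix_bits / 2) hashes. For the full
    256-bit digest that is 2 ** 128, which is why real SHA-256 collisions
    are out of reach while truncated ones are found instantly.
    """
    shift = 256 - prefix_bits
    seen = {}
    counter = 0
    while True:
        msg = b"msg-%d" % counter
        prefix = int.from_bytes(sha256(msg), "big") >> shift
        if prefix in seen:
            return seen[prefix], msg
        seen[prefix] = msg
        counter += 1


if __name__ == "__main__":
    print("deterministic:", is_deterministic(b"xyz"))
    print("digest bits changed by a one-bit input flip:",
          avalanche(b"The quick brown fox"))
    print("modulo collision: 5 % 7 =", modulo_hash(5, 7),
          "and", modulo_collision(5, 7), "% 7 =",
          modulo_hash(modulo_collision(5, 7), 7))
    m1, m2 = truncated_collision(16)
    print("16-bit SHA-256 collision:", m1, m2,
          sha256(m1)[:2].hex(), sha256(m2)[:2].hex())
```

Running it prints a determinism check, a digest distance close to 128 bits for a single flipped input bit, a free modulo collision, and a pair of short messages whose SHA-256 digests share their first two bytes after a few hundred hashes.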

Case Study: SHA-256

SHA-256 can hardly be appreciated enough. It is used not only in SSL/TLS but in well-known blockchain systems such as Bitcoin, where it produces transaction IDs, hashes the data that digital signatures cover, helps derive Bitcoin addresses, serves in challenge handshakes, and is the proof-of-work function.

The digest reveals nothing identifiable about the message, yet it is the same for the same message, so equality can be checked. The design lineage goes back to Ronald Rivest’s MD4. The algorithm is built so that every message has a digest for which collisions are infeasible to find.

We use the following definitions and descriptions, where Sⁿ stands for right rotation by n bits and Rⁿ stands for right shift by n bits (the function definitions themselves were given as an image in the original):

The steps of the SHA-256 algorithm are:

1. The message M is padded to a multiple of 512 bits: append a single 1 bit, then k zero bits, then the 64-bit big-endian binary representation of the original message length l. Here k is the smallest non-negative number such that l + 1 + k ≡ 448 (mod 512), which leaves exactly 64 bits for the length field. (This is SHA-256’s own padding rule and has nothing to do with UTF-8.)

2. For M = “xyz” (l = 24 bits) this gives k = 448 - 1 - 8*3 = 423 zero bits, so the padded message is a single 512-bit block: the 24 message bits, a 1 bit, 423 zero bits, and the 64-bit value 24.

3. Using the big-endian convention, each 512-bit block is parsed into sixteen 32-bit words.

4. For i from 1 to N, for each of the N blocks:

a) The eight working registers a, b, c, d, e, f, g, h are initialized from the previous intermediate hash H(i-1) (H(0) is a fixed set of initial constants).

b) For j = 0 to 63, one round of the compression function is computed (the round formulas were given as an image in the original).

c) After the 64 rounds, the i-th intermediate hash H(i) is obtained by adding the registers back into H(i-1), word by word.

5. H(N) is the message digest.

6. The expanded message schedule used in the rounds is computed from the sixteen block words (formula given as an image in the original).

(A layout depicting the SHA-256 algorithm)
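The steps above can be followed literally in code. What follows is an added, from-scratch SHA-256 in Python, not the article’s code and not a library implementation; the initial hash and round constants are the ones from FIPS 180-4, the rotation and shift helpers correspond to Sⁿ and Rⁿ in the text, and the result is checked against Python’s hashlib. The test messages are constructed here.

```python
import hashlib
import struct

# Added example (not the article's code): SHA-256 following the steps in
# the text, with constants from FIPS 180-4. matches_hashlib() checks the
# result against the standard library.

MASK32 = 0xFFFFFFFF

# H(0): first 32 bits of the fractional parts of the square roots of the
# first eight primes.
H0 = [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
      0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19]

# Round constants: first 32 bits of the fractional parts of the cube roots
# of the first 64 primes.
K = [
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
]


def rotr(x, n):          # S^n in the text: right rotation of a 32-bit word
    return ((x >> n) | (x << (32 - n))) & MASK32


def shr(x, n):           # R^n in the text: right shift
    return x >> n


def ch(x, y, z):  return (x & y) ^ (~x & z & MASK32)
def maj(x, y, z): return (x & y) ^ (x & z) ^ (y & z)
def big_sigma0(x):   return rotr(x, 2) ^ rotr(x, 13) ^ rotr(x, 22)
def big_sigma1(x):   return rotr(x, 6) ^ rotr(x, 11) ^ rotr(x, 25)
def small_sigma0(x): return rotr(x, 7) ^ rotr(x, 18) ^ shr(x, 3)
def small_sigma1(x): return rotr(x, 17) ^ rotr(x, 19) ^ shr(x, 10)


def zero_pad_bits(message: bytes) -> int:
    """k from steps 1-2: zero bits between the 1 bit and the length field."""
    return (448 - (len(message) * 8 + 1)) % 512


def pad(message: bytes) -> bytes:
    """Steps 1-2: 0x80 (the 1 bit plus seven zeros), zero bytes up to 56
    mod 64, then the 64-bit big-endian bit length."""
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + struct.pack(">Q", len(message) * 8)


def schedule(block: bytes) -> list:
    """Steps 3 and 6: sixteen big-endian 32-bit words expanded to 64."""
    w = list(struct.unpack(">16L", block))
    for t in range(16, 64):
        w.append((small_sigma1(w[t - 2]) + w[t - 7]
                  + small_sigma0(w[t - 15]) + w[t - 16]) & MASK32)
    return w


def compress(h: list, block: bytes) -> list:
    """Step 4: 64 rounds over registers a..h, then add back into H(i-1)."""
    w = schedule(block)
    a, b, c, d, e, f, g, hh = h
    for t in range(64):
        t1 = (hh + big_sigma1(e) + ch(e, f, g) + K[t] + w[t]) & MASK32
        t2 = (big_sigma0(a) + maj(a, b, c)) & MASK32
        hh, g, f, e = g, f, e, (d + t1) & MASK32
        d, c, b, a = c, b, a, (t1 + t2) & MASK32
    return [(x + y) & MASK32 for x, y in zip(h, [a, b, c, d, e, f, g, hh])]


def sha256(message: bytes) -> bytes:
    """Step 5: H(N) once every 512-bit block has been compressed."""
    padded = pad(message)
    h = list(H0)
    for i in range(0, len(padded), 64):
        h = compress(h, padded[i:i + 64])
    return struct.pack(">8L", *h)


def matches_hashlib(message: bytes) -> bool:
    return sha256(message) == hashlib.sha256(message).digest()


if __name__ == "__main__":
    for m in [b"", b"abc", b"xyz", b"a" * 56, b"a" * 1000]:
        print(len(m), sha256(m).hex(), matches_hashlib(m))
    print("zero bits padded for 'xyz':", zero_pad_bits(b"xyz"))
```

The 56-byte input is worth keeping in the list: the message fills the block so that the 1 bit and the length field no longer fit, and the padding rule forces a second, almost empty block. That edge case is a common source of bugs in hand-written implementations.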

In a blockchain these digests are computed over the block header, which contains the nonce, the hash that links to the previous block in the active chain, and the Merkle root that commits to the block’s transactions. Anyone can recompute the hash and compare it with the one the miner published, and no key of any kind is needed to do so. The transaction contents themselves are public. What a third party cannot do is spend anyone else’s coins, because that requires a signature made with the owner’s private key.
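The link between nonce, previous block and transactions is easiest to see in a miniature proof of work. The following is an added example, not the article’s code and not Bitcoin’s: it keeps Bitcoin’s 80-byte header layout and double SHA-256, but expresses difficulty as a plain count of leading zero bits instead of Bitcoin’s compact nBits field, and the previous hash, Merkle root and timestamp are constructed for the demo.

```python
import hashlib
import struct

# Added example (not the article's or Bitcoin's code): simplified
# Bitcoin-style proof of work. Header fields follow Bitcoin's layout
# (version, prev hash, Merkle root, time, bits, nonce; little-endian),
# but "bits" here is just a leading-zero-bit count, not compact nBits.

PREV_HASH = b"\x00" * 32                                     # constructed
MERKLE_ROOT = hashlib.sha256(b"demo transactions").digest()  # constructed
TIMESTAMP = 1571270400                                       # constructed
DIFFICULTY_BITS = 16   # about 2**16 trials; Bitcoin today needs over 2**75


def double_sha256(data: bytes) -> bytes:
    """Bitcoin hashes headers and transactions with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def build_header(prev_hash: bytes, merkle_root: bytes, timestamp: int,
                 bits: int, nonce: int, version: int = 1) -> bytes:
    """80-byte header: 4 + 32 + 32 + 4 + 4 + 4 bytes."""
    return struct.pack("<L32s32sLLL", version, prev_hash, merkle_root,
                       timestamp, bits, nonce)


def header_hash(header: bytes) -> int:
    """Digest read as a little-endian integer, as Bitcoin compares it."""
    return int.from_bytes(double_sha256(header), "little")


def target(difficulty_bits: int) -> int:
    return 1 << (256 - difficulty_bits)


def mine(prev_hash: bytes, merkle_root: bytes, difficulty_bits: int,
         timestamp: int = TIMESTAMP) -> tuple:
    """Try nonces until the header hash falls below the target.

    Because SHA-256 is unpredictable there is no shortcut: every nonce is
    an independent trial, so the work grows as 2 ** difficulty_bits.
    """
    t = target(difficulty_bits)
    for nonce in range(2 ** 32):
        header = build_header(prev_hash, merkle_root, timestamp,
                              difficulty_bits, nonce)
        if header_hash(header) < t:
            return nonce, header
    raise RuntimeError("nonce space exhausted; change timestamp or root")


def verify(header: bytes, difficulty_bits: int) -> bool:
    """Anyone can check a block with one double SHA-256; no key involved."""
    return len(header) == 80 and header_hash(header) < target(difficulty_bits)


def replace_merkle_root(header: bytes, new_root: bytes) -> bytes:
    """Simulate tampering with the block's transactions (bytes 36..68)."""
    return header[:36] + new_root + header[68:]


if __name__ == "__main__":
    nonce, header = mine(PREV_HASH, MERKLE_ROOT, DIFFICULTY_BITS)
    print("nonce:", nonce, "hash:", double_sha256(header)[::-1].hex())
    print("valid:", verify(header, DIFFICULTY_BITS))
    forged = replace_merkle_root(header, hashlib.sha256(b"forged").digest())
    print("valid after changing a transaction:", verify(forged, DIFFICULTY_BITS))
```

Changing a single transaction changes the Merkle root, which changes the header hash, which almost certainly no longer meets the target; the nonce would have to be found all over again, and for every later block as well, since each carries the previous block’s hash. That, and not secrecy, is what protects the ledger.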

In Conclusion

SHA-256 may well be one of the most secure hash functions in wide use. Finding a collision requires on the order of 2¹²⁸ operations, far beyond any available time, space or computation. A block whose hash does not check out is simply rejected by the rest of the network, so a malicious node cannot impose it on the distributed ledger. Still, no hash function lasts forever: MD5 and SHA-1 were both trusted once and have both been broken, and a cryptanalytic advance, or something as sweeping as a constructive resolution of P vs NP, could one day do the same to SHA-256. Growing computing power alone will not get there; it narrows the margin but does not bridge 2¹²⁸.

But does this mean it was all for naught? No. On the contrary, it showcases the feats of human logic and how much essential security can be created by the brain alone. It stands as testimony that even those behind computer screens, far from the brawn, may lead companies, technologies, communities, nations and the human species as a whole.

References:

https://en.wikipedia.org/wiki/Secure_Hash_Algorithms

https://www.youtube.com/watch?v=DMtFhACPnTY

https://en.wikipedia.org/wiki/SHA-2

http://www.iwar.org.uk/comsec/resources/cipher/sha256-384-512.pdf

https://gist.github.com/cedricbellet (relevant code)

https://www.movable-type.co.uk/scripts/sha256.html (interactive follow-up)

Written by:

Swapnil Ghosh

Birla Institute of Technology, Mesra
