SHA1Word格式.docx

SHA1Word格式.docx

《SHA1Word格式.docx》由会员分享，可在线阅读，更多相关《SHA1Word格式.docx（63页珍藏版）》请在冰豆网上搜索。

PatrickGallagher,ActingDirector

FOREWORD

TheFederalInformationProcessingStandardsPublicationSeriesoftheNationalInstitute

ofStandardsandTechnology（NIST）istheofficialseriesofpublicationsrelatingto

standardsandguidelinesadoptedandpromulgatedundertheprovisionsoftheFederal

InformationSecurityManagementAct（FISMA）of2002.

CommentsconcerningFIPSpublicationsarewelcomedandshouldbeaddressedtothe

Director,InformationTechnologyLaboratory,NationalInstituteofStandardsand

Technology,100BureauDrive,Stop8900,Gaithersburg,MD20899-8900.

CitaFurlani,Director

iiiii

Abstract

Thisstandardspecifiesfivehashalgorithmsthatcanbeusedtogeneratedigestsof

messages.Thedigestsareusedtodetectwhethermessageshavebeenchangedsincethe

digestsweregenerated.

Keywords:

computersecurity,cryptography,messagedigest,hashfunction,hash

algorithm,FederalInformationProcessingStandards,SecureHashStandard.FederalInformation

ProcessingStandardsPublication180-3

Announcingthe

SECUREHASHSTANDARD

FederalInformationProcessingStandardsPublications（FIPSPUBS）areissuedbytheNational

InstituteofStandardsandTechnology（NIST）afterapprovalbytheSecretaryofCommerce

pursuanttoSection5131oftheInformationTechnologyManagementReformActof1996

（PublicLaw104-106）,andtheComputerSecurityActof1987（PublicLaw100-235）.

1.NameofStandard:

SecureHashStandard（SHS）（FIPSPUB180-3）.

2.CategoryofStandard:

ComputerSecurityStandard,Cryptography.

3.Explanation:

ThisStandardspecifiesfivesecurehashalgorithms-SHA-1,SHA-224,SHA-

256,SHA-384,andSHA-512-forcomputingacondensedrepresentationofelectronicdata

（message）.Whenamessageofanylengthlessthan2

64

bits（forSHA-1,SHA-224andSHA-256）

orlessthan2

128

bits（forSHA-384andSHA-512）isinputtoahashalgorithm,theresultisan

outputcalledamessagedigest.Themessagedigestsrangeinlengthfrom160to512bits,

dependingonthealgorithm.Securehashalgorithmsaretypicallyusedwithothercryptographic

algorithms,suchasdigitalsignaturealgorithmsandkeyed-hashmessageauthenticationcodes,or

inthegenerationofrandomnumbers（bits）.

ThefivehashalgorithmsspecifiedinthisStandardarecalledsecurebecause,foragiven

algorithm,itiscomputationallyinfeasible1）tofindamessagethatcorrespondstoagiven

messagedigest,or2）tofindtwodifferentmessagesthatproducethesamemessagedigest.Any

changetoamessagewill,withaveryhighprobability,resultinadifferentmessagedigest.This

willresultinaverificationfailurewhenthesecurehashalgorithmisusedwithadigitalsignature

algorithmorakeyed-hashmessageauthenticationalgorithm.

ThisStandardsupersedesFIPS180-2[FIPS180-2].

4.ApprovingAuthority:

SecretaryofCommerce.

5.MaintenanceAgency:

U.S.DepartmentofCommerce,NationalInstituteofStandardsand

Technology（NIST）,InformationTechnologyLaboratory（ITL）.

6.Applicability:

ThisStandardisapplicabletoallFederaldepartmentsandagenciesforthe

protectionofsensitiveunclassifiedinformationthatisnotsubjecttoTitle10UnitedStatesCode

ivv

Section2315（10USC2315）andthatisnotwithinanationalsecuritysystemasdefinedinTitle

44UnitedStatesCodeSection3502

（2）（44USC3502

（2））.Thisstandardshallbeimplemented

wheneverasecurehashalgorithmisrequiredforFederalapplications,includingusebyother

cryptographicalgorithmsandprotocols.TheadoptionanduseofthisStandardisavailableto

privateandcommercialorganizations.

7.Specifications:

FederalInformationProcessingStandard（FIPS）180-3,SecureHashStandard

（SHS）（affixed）.

8.Implementations:

Thesecurehashalgorithmsspecifiedhereinmaybeimplementedin

software,firmware,hardwareoranycombinationthereof.Onlyalgorithmimplementationsthat

arevalidatedbyNISTwillbeconsideredascomplyingwiththisstandard.Informationaboutthe

validationprogramcanbeobtainedathttp:

//csrc.nist.gov/groups/STM/index.html.

9.ImplementationSchedule:

GuidanceregardingthetestingandvalidationtoFIPS180-3

anditsrelationshiptoFIPS140-2canbefoundinIG1.10oftheImplementationGuidancefor

FIPSPUB140-2andtheCryptographicModuleValidationProgramat

http:

//csrc.nist.gov/groups/STM/cmvp/index.html.

10.Patents:

Implementationsofthesecurehashalgorithmsinthisstandardmaybecoveredby

U.S.orforeignpatents.

11.ExportControl:

Certaincryptographicdevicesandtechnicaldataregardingthemare

subjecttoFederalexportcontrols.Exportsofcryptographicmodulesimplementingthisstandard

andtechnicaldataregardingthemmustcomplywiththeseFederalregulationsandbelicensedby

theBureauofExportAdministrationoftheU.S.DepartmentofCommerce.Informationabout

exportregulationsisavailableat:

http:

//www.bis.doc.gov/index.htm.

12.Qualifications:

WhileitistheintentofthisStandardtospecifygeneralsecurity

requirementsforgeneratingamessagedigest,conformancetothisStandarddoesnotassurethat

aparticularimplementationissecure.Theresponsibleauthorityineachagencyordepartment

shallassurethatanoverallimplementationprovidesanacceptablelevelofsecurity.This

Standardwillbereviewedeveryfiveyearsinordertoassessitsadequacy.

13.WaiverProcedure:

TheFederalInformationSecurityManagementAct（FISMA）doesnot

allowforwaiverstoFederalInformationProcessingStandards（FIPS）thataremademandatory

bytheSecretaryofCommerce.

14.WheretoObtainCopiesoftheStandard:

Thispublicationisavailableelectronicallyby

accessinghttp:

//csrc.nist.gov/publications/.Othercomputersecuritypublicationsareavailableat

thesamewebsite.FederalInformation

Specificationsforthe

TableofContents

1.INTRODUCTION.....................................................................................................................................3

2.DEFINITIONS...........................................................................................................................................4

2.1GLOSSARYOFTERMSANDACRONYMS.............................................................................................4

2.2ALGORITHMPARAMETERS,SYMBOLS,ANDTERMS...........................................................................4

2.2.1Parameters...........................................................................................................................4

2.2.2SymbolsandOperations.......................................................................................................5

3.NOTATIONANDCONVENTIONS.......................................................................................................7

3.1BITSTRINGSANDINTEGERS..............................................................................................................7

3.2OPERATIONSONWORDS....................................................................................................................8

4.FUNCTIONSANDCONSTANTS.........................................................................................................10

4.1FUNCTIONS......................................................................................................................................10

4.1.1SHA-1Functions................................................................................................................10

4.1.2SHA-224andSHA-256Functions......................................................................................10

4.1.3SHA-384andSHA-512Functions......................................................................................10

4.2CONSTANTS.....................................................................................................................................11

4.2.1SHA-1Constants................................................................................................................11

4.2.2SHA-224andSHA-256Constants......................................................................................11

4.2.3SHA-384andSHA-512Constants......................................................................................11

5.PREPROCESSING.................................................................................................................................13

5.1PADDINGTHEMESSAGE..................................................................................................................13

5.1.1SHA-1,SHA-224andSHA-256..........................................................................................13

5.1.2SHA-384andSHA-512.......................................................................................................13

5.2PARSINGTHEPADDEDMESSAGE.....................................................................................................14

5.2.1SHA-1,SHA-224andSHA-256..........................................................................................14

5.2.2SHA-384andSHA-512.......................................................................................................1