## About SHA224 hash

SHA-224 (Secure Hash Algorithm 224-bit) is part of the SHA-2 family of cryptographic hash functions, designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) in 2001. It is a truncated version of SHA-256, providing a shorter 224-bit hash output while maintaining a high level of security.

### Characteristics of SHA-224

**Fixed-Length Output**:- SHA-224 produces a fixed-length output of 224 bits (28 bytes), regardless of the input data's length.

**Input Padding**:- The input message is padded so that its length is congruent to 448 modulo 512. Padding involves appending a single '1' bit, followed by '0' bits until the message length is 64 bits short of a multiple of 512. The length of the original message (before padding) is appended as a 64-bit integer.

**Processing in Blocks**:- SHA-224 processes the input message in 512-bit (64-byte) blocks.

**Initialization Vector (IV)**:- SHA-224 starts with a predefined initial state composed of eight 32-bit words:
- H0 = 0xC1059ED8
- H1 = 0x367CD507
- H2 = 0x3070DD17
- H3 = 0xF70E5939
- H4 = 0xFFC00B31
- H5 = 0x68581511
- H6 = 0x64F98FA7
- H7 = 0xBEFA4FA4

- SHA-224 starts with a predefined initial state composed of eight 32-bit words:
**Compression Function**:- SHA-224's compression function consists of 64 rounds of processing for each 512-bit block. Each round involves different logical functions and constants:
- Logical functions include bitwise operations (AND, OR, XOR, NOT), additions, and shifts/rotations.
- Constants are derived from the first 32 bits of the fractional parts of the cube roots of the first 64 prime numbers.

- SHA-224's compression function consists of 64 rounds of processing for each 512-bit block. Each round involves different logical functions and constants:

### Algorithm Steps

**Initialization**:- Initialize the state variables (H0 to H7) to the predefined values.

**Padding**:- Pad the input message according to the specified padding rules.

**Processing**:- Divide the padded message into 512-bit blocks.
- For each block, perform the 64 iterations of the compression function, updating the state variables.

**Output**:- After processing all blocks, the first seven state variables are concatenated to produce the final 224-bit hash value.

### Security and Usage

**Security**:**Collision Resistance**: SHA-224 provides strong collision resistance, making it difficult for two different inputs to produce the same hash output.**Preimage Resistance**: SHA-224 is resistant to preimage attacks, making it computationally infeasible to find an input that hashes to a given output.**Second-Preimage Resistance**: SHA-224 also offers strong resistance to second-preimage attacks, ensuring that it is difficult to find a second input with the same hash as a given input.- Overall, SHA-224 is considered secure and suitable for cryptographic applications.

**Usage**:- SHA-224 is used in various security protocols and applications, including digital signatures, certificate generation, and data integrity verification. It is particularly useful in situations where a slightly shorter hash output is desired compared to SHA-256.

### Summary

SHA-224 is a cryptographic hash function in the SHA-2 family that produces a 224-bit hash value. It offers strong security properties, including resistance to collisions, preimage attacks, and second-preimage attacks. SHA-224 is a truncated version of SHA-256 and is suitable for various cryptographic applications where a shorter hash output is needed. Due to its robust security, SHA-224 is recommended for use in modern security-critical systems and applications.