About SHA384 hash
SHA-384 (Secure Hash Algorithm 384-bit) is a member of the SHA-2 family of cryptographic hash functions. It is designed to produce a longer hash value compared to SHA-256, offering increased security by providing a 384-bit output.
Characteristics of SHA-384
Fixed-Length Output:
- SHA-384 produces a fixed-length output of 384 bits (48 bytes), regardless of the input data's length.
Input Padding:
- Similar to SHA-256, the input message for SHA-384 is padded so that its length is congruent to 896 modulo 1024. Padding involves appending a single '1' bit, followed by '0' bits until the message length is 128 bits short of a multiple of 1024. The length of the original message (before padding) is then appended as a 128-bit integer.
Processing in Blocks:
- SHA-384 processes the input message in 1024-bit (128-byte) blocks.
Initialization Vector (IV):
- SHA-384 starts with a predefined initial state composed of eight 64-bit words:
- H0 = 0xCBBB9D5DC1059ED8
- H1 = 0x629A292A367CD507
- H2 = 0x9159015A3070DD17
- H3 = 0x152FECD8F70E5939
- H4 = 0x67332667FFC00B31
- H5 = 0x8EB44A8768581511
- H6 = 0xDB0C2E0D64F98FA7
- H7 = 0x47B5481DBEFA4FA4
- SHA-384 starts with a predefined initial state composed of eight 64-bit words:
Compression Function:
- The SHA-384 compression function is similar to SHA-512, involving 80 rounds of processing for each 1024-bit block. Each round uses different logical functions, constants, and message schedule operations:
- Logical functions include bitwise operations (AND, OR, XOR, NOT), additions, and shifts/rotations.
- Constants are derived from the first 64 bits of the fractional parts of the cube roots of the first 80 prime numbers.
- The SHA-384 compression function is similar to SHA-512, involving 80 rounds of processing for each 1024-bit block. Each round uses different logical functions, constants, and message schedule operations:
Algorithm Steps
Initialization:
- Initialize the state variables (H0 to H7) to the predefined values.
Padding:
- Pad the input message according to the specified padding rules.
Processing:
- Divide the padded message into 1024-bit blocks.
- For each block, perform the 80 iterations of the compression function, updating the state variables.
Output:
- After processing all blocks, concatenate the state variables (H0 to H5) to produce the final 384-bit hash value.
Security and Usage
Security:
- Collision Resistance: SHA-384 provides strong collision resistance due to its longer output size, making it extremely difficult for two different inputs to produce the same hash output.
- Preimage Resistance: SHA-384 is resistant to preimage attacks, making it computationally infeasible to find an input that hashes to a given output.
- Second-Preimage Resistance: SHA-384 also offers strong resistance to second-preimage attacks, ensuring that it is difficult to find a second input with the same hash as a given input.
- SHA-384's longer output size provides additional security margin compared to SHA-256, particularly in applications requiring high resistance to collision attacks.
Usage:
- SHA-384 is used in various security-critical applications where a longer hash value is desirable, including digital signatures, SSL/TLS certificates, and data integrity verification.
- It is particularly suitable for applications that require a higher level of security assurance and where the additional computational overhead of processing larger blocks is acceptable.
Summary
SHA-384 is a cryptographic hash function in the SHA-2 family that produces a 384-bit hash value. It offers strong security properties, including resistance to collisions, preimage attacks, and second-preimage attacks. SHA-384 is used in applications that benefit from its longer hash output, providing increased security assurance compared to shorter hash functions like SHA-256. Its robust security and suitability for various cryptographic applications make it a valuable choice in modern security protocols and systems.