SHA-512 (Secure Hash Algorithm 512-bit)

SHA-512, or Secure Hash Algorithm 512, is a hashing technique that converts text of arbitrary length into a fixed-size string. Each output is 512 bits (64 bytes) long. This algorithm is frequently used for email address hashing, password hashing, and digital record verification. SHA-512 is also used in blockchain technology, with the BitShares network being the best-known example.

What is SHA-512?

SHA-512 generates a hash value of 512 bits (64 bytes), making it one of the largest hash functions in the SHA-2 family. SHA-512, like all cryptographic hash algorithms, has the following basic properties −

Deterministic − The same input always produces the same result.
Fast to compute − The hash for any given data can be calculated very quickly.
Irreversible − You cannot determine the original input from its hash.
Collision-resistant − It is computationally challenging to discover two distinct inputs that generate the same hash.
Avalanche effect − A small change in input (even flipping a single bit) results in a significantly different hash.
How SHA-512 Works

Without going too far into the mathematical concepts, SHA-512 operates as follows −

Initialization − It starts with eight hash values calculated from the square roots of the first eight prime numbers.
Pre-processing − The input message is padded so that its length is a multiple of the block size. The length of the original message (before padding), encoded as a 128-bit value, is added to the very end of the padded message.
Parsing − The message is then separated into 1024-bit blocks.
Main Loop − The main loop processes each 1024-bit block in 80 rounds, manipulating the data via logical operations, bitwise shifts, and modular arithmetic.
Output − After all of the blocks have been processed, the resulting 512-bit message digest is output as the hash.
Algorithm

The SHA-512 algorithm consists of the following steps −

Message Padding − First, the message is padded to the correct size for the algorithm, so that it can be broken down into blocks and processed.
Initial hash values − The algorithm starts with eight initial hash values. These fixed values serve as the basis for the hashing procedure.
Message processing − The padded message is divided into blocks. Each block passes through a series of stages known as rounds. In each round, the block is mixed and adjusted using specific operations.
Final hash value − After all blocks have been processed, the hash value is computed. This hash value serves as a unique fingerprint for the original message.
Output − The SHA-512 algorithm generates the final hash result, which is generally written as a string of hexadecimal digits. This is the value returned after hashing the original message.
Cryptography: Digital Signatures

Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind the signatory to the message. Similarly, a digital signature is a technique that binds a person or entity to digital data. This binding can be independently verified by the receiver as well as by any third party. A digital signature is a cryptographic value that is calculated from the data and a secret key known only to the signer. In the real world, the receiver of a message needs assurance that the message belongs to the sender, and the sender should not be able to repudiate the origination of that message. This requirement is crucial in business applications, since the likelihood of a dispute over exchanged data is very high.
Model of Digital Signature

As mentioned earlier, the digital signature scheme is based on public key cryptography. The model of digital signature scheme is depicted in the following illustration −
The following points explain the entire process in detail −

Each person adopting this scheme has a public-private key pair.
Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
The signer feeds data to the hash function and generates a hash of the data.
The hash value and signature key are then fed to the signature algorithm, which produces the digital signature on the given hash. The signature is appended to the data and then both are sent to the verifier.
The verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
The verifier also runs the same hash function on the received data to generate a hash value.
For verification, this hash value and the output of the verification algorithm are compared. Based on the comparison result, the verifier decides whether the digital signature is valid.
Since the digital signature is created with the private key of the signer and no one else can have this key, the signer cannot repudiate signing the data in the future.
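The model above as an added Python example (not code from the original page): the signer hashes the data and applies the signature key, appends the signature, and the verifier compares its own hash with the output of the verification algorithm. The key pair is a toy built from two well-known Mersenne primes, and unpadded textbook RSA is used only to mirror the model; both are assumptions of this example and not suitable for real use.

```python
import hashlib

# Toy key pair (constructed for the demo from two known Mersenne primes).
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537                                  # verification (public) key exponent
D = pow(E, -1, (P - 1) * (Q - 1))          # signature (private) key exponent
SIG_LEN = (N.bit_length() + 7) // 8        # signature size in bytes

def digest(data: bytes) -> int:
    # Hash function shared by signer and verifier; a 512-bit value, smaller than N.
    return int.from_bytes(hashlib.sha512(data).digest(), "big")

def sign(data: bytes) -> bytes:
    # Signer: hash the data, then feed hash and signature key to the algorithm.
    return pow(digest(data), D, N).to_bytes(SIG_LEN, "big")

def send(data: bytes) -> bytes:
    # The signature is appended to the data and both are sent together.
    return data + sign(data)

def verify(package: bytes) -> bool:
    # Verifier: run the verification algorithm on the signature, hash the
    # received data independently, and compare the two values.
    data, sig = package[:-SIG_LEN], package[-SIG_LEN:]
    return pow(int.from_bytes(sig, "big"), E, N) == digest(data)

if __name__ == "__main__":
    pkg = send(b"pay 100 to Bob")          # constructed sample message
    print(verify(pkg))                                     # genuine package
    print(verify(pkg.replace(b"100", b"900")))             # data altered in transit
```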
Importance of Digital Signature

Out of all cryptographic primitives, the digital signature using public key cryptography is considered a very important and useful tool for achieving information security. Apart from the ability to provide non-repudiation of a message, the digital signature also provides message authentication and data integrity. Let us briefly see how this is achieved by the digital signature −

Message authentication
Data Integrity
Non-repudiation
Encryption with Digital Signature

In many digital communications, it is desirable to exchange encrypted messages rather than plaintext to achieve confidentiality. In a public key encryption scheme, a public (encryption) key of sender is available in the open domain, and hence anyone can spoof his identity and send any encrypted message to the receiver. This makes it essential for users employing PKC for encryption to seek digital signatures along with encrypted data to be assured of message authentication and non-repudiation.
X.509 Authentication Service

X.509 is a digital certificate built on top of a widely trusted standard, the ITU (International Telecommunication Union) X.509 standard, in which the format of PKI certificates is defined. An X.509 digital certificate is a certificate-based authentication security framework that can be used for providing secure transaction processing and private information. These certificates are primarily used for handling security and identity in computer networking and internet-based communications.
Format of X.509 Authentication Service Certificate:
The certificate includes the elements given below:

Version number: Defines the X.509 version that the certificate conforms to.
Serial number: The unique number that the certificate authority issues.
Signature Algorithm Identifier: The algorithm that is used for signing the certificate.
Issuer name: The X.509 name of the certificate authority which signed and created the certificate.
Period of Validity: Defines the period for which the certificate is valid.
Subject Name: The name of the user to whom this certificate has been issued.
Subject's public key information: Defines the subject's public key along with an identifier of the algorithm for which this key is supposed to be used.
Extension block: This field contains additional standard information.
Signature: This field contains the hash code of all other fields, which is encrypted by the certificate authority's private key.
Characteristics of X.509 Authentication Certificates

Standardized Format: Follows the ITU-T standard, ensuring interoperability across different systems and platforms.
Based on Public Key Cryptography: Contains a public key for secure encryption, authentication, and digital signing.
Issued by a Certificate Authority (CA): Signed by a trusted CA that verifies and authenticates the certificate holder's identity.
Includes Identity Information: Stores details like Common Name, Organization, Country, and optionally Email Address.
Defined Validity Period: Has a start and expiration date; invalid after expiry unless renewed.
Supports Revocation Mechanisms: Can be revoked early using CRLs or OCSP if compromised or misused.
Supports Trust Hierarchies: Enables trust chains through root and intermediate CAs in a scalable structure.
Digitally Signed: Digitally signed by the CA to ensure the certificate's authenticity and integrity.
Applications of X.509 Authentication Service Certificate:

Many protocols depend on X.509 and it has many applications; some of them are given below:

Document Signing and Digital Signatures: X.509 certificates are used to verify the authenticity and integrity of digital documents through digital signatures.
Web Server Security (TLS/SSL Certificates): They are essential for securing websites using Transport Layer Security (TLS) or Secure Sockets Layer (SSL), enabling HTTPS and encrypting communication between web browsers and servers.
Email Certificates: X.509 certificates provide email encryption and authentication, ensuring the confidentiality and authenticity of email communication (e.g., using S/MIME).
Code Signing: These certificates are used to digitally sign software, ensuring that the code has not been tampered with and verifying the identity of the software publisher.
Secure Shell Protocol (SSH) Keys: Although SSH typically uses a different key format, X.509 certificates can be used in certain environments for enhanced SSH authentication.
Digital Identities: X.509 certificates are a fundamental component in establishing digital identities for users, devices, and services in secure systems.
Kerberos

Kerberos provides a centralized authentication server whose function is to authenticate users to servers and servers to users. In Kerberos, an authentication server and a database are used for client authentication. Kerberos runs as a trusted third-party server known as the Key Distribution Center (KDC). Each user and service on the network is a principal. The main components of Kerberos are:

Authentication Server (AS): The Authentication Server performs the initial authentication and issues the ticket for the Ticket Granting Service.
Database: The Authentication Server verifies the access rights of users in the database.
Ticket Granting Server (TGS): The Ticket Granting Server issues the ticket for the Server.
Working of Kerberos

Step-1: The user logs in and requests services on the host. Thus the user requests the ticket-granting service.
Step-2: The Authentication Server verifies the user's access rights using the database and then gives a ticket-granting ticket and a session key. The results are encrypted using the password of the user.
Step-3: The message is decrypted using the password, and the ticket is then sent to the Ticket Granting Server. The ticket contains authenticators like user names and network addresses.
Step-4: The Ticket Granting Server decrypts the ticket sent by the user, the authenticator verifies the request, and the server then creates the ticket for requesting services from the Server.
Step-5: The user sends the Ticket and Authenticator to the Server.
Step-6: The server verifies the Ticket and authenticators and then grants access to the service. After this, the user can access the services.
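Steps 1 to 6 as an added Python simulation (not code from the original page, and not the Kerberos wire format): each party only opens what is sealed under a key it holds. The `seal`/`unseal` toy cipher, the principal names, the password and the realm salt are constructed for this example; authenticators carry only the user name and address named in Step-3.

```python
import hashlib, hmac, json, os

def seal(key: bytes, obj: dict) -> bytes:
    # Toy authenticated encryption for the demo (SHAKE keystream + HMAC tag).
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ks = hashlib.shake_256(key + nonce).digest(len(pt))
    ct = nonce + bytes(a ^ b for a, b in zip(pt, ks))
    return ct + hmac.new(key, ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> dict:
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    ks = hashlib.shake_256(key + ct[:16]).digest(len(ct) - 16)
    return json.loads(bytes(a ^ b for a, b in zip(ct[16:], ks)))

def pw_key(password: str) -> bytes:        # user's key is derived from the password
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"EXAMPLE.REALM", 10_000)

# KDC database (constructed): long-term keys of the user and of each service.
DB = {"alice": pw_key("correct horse"), "tgs": os.urandom(32), "fileserver": os.urandom(32)}

def as_exchange(user, addr):               # Steps 1-2: AS issues TGT + session key
    sk = os.urandom(32).hex()
    tgt = seal(DB["tgs"], {"user": user, "addr": addr, "sk": sk})
    return seal(DB[user], {"sk": sk}), tgt

def check(own_key, ticket, auth):          # run by the TGS (Step 4) and the server (Step 6)
    t = unseal(own_key, ticket)
    a = unseal(bytes.fromhex(t["sk"]), auth)
    if (a["user"], a["addr"]) != (t["user"], t["addr"]):
        raise ValueError("authenticator does not match ticket")
    return t

def tgs_exchange(tgt, auth, service):      # Step 4: TGS issues the service ticket
    t = check(DB["tgs"], tgt, auth)
    sk2 = os.urandom(32).hex()
    ticket = seal(DB[service], {"user": t["user"], "addr": t["addr"], "sk": sk2})
    return seal(bytes.fromhex(t["sk"]), {"sk": sk2}), ticket

def login(user, password, addr, service):  # client side: Steps 1, 3 and 5
    reply, tgt = as_exchange(user, addr)
    sk = bytes.fromhex(unseal(pw_key(password), reply)["sk"])      # Step 3
    me = {"user": user, "addr": addr}
    reply2, ticket = tgs_exchange(tgt, seal(sk, me), service)
    sk2 = bytes.fromhex(unseal(sk, reply2)["sk"])
    return check(DB[service], ticket, seal(sk2, me))["user"]       # Steps 5-6
```

A wrong password fails at Step 3 because the AS reply cannot be opened, so the password itself never crosses the network.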
Secure Electronic Transaction (SET) Protocol

Secure Electronic Transaction, or SET, is a security protocol designed to ensure the security and integrity of electronic transactions conducted using credit cards. SET is not itself a payment system; it operates as a security protocol applied to those payments. It uses different encryption and hashing techniques to secure credit card payments made over the internet. The development of the SET protocol was supported by major organizations like Visa, Mastercard, and Microsoft, which provided its Secure Transaction Technology (STT), and Netscape, which provided the technology of Secure Socket Layer (SSL).
PGP - Authentication and Confidentiality

Pretty Good Privacy (PGP) is encryption software designed to ensure the confidentiality, integrity, and authenticity of digital communications and information. It is considered one of the best methods for securing digital data. At its core, PGP works on a hybrid cryptographic method that combines symmetric-key and public-key cryptography techniques. Symmetric-key cryptography uses one secret key for both encrypting and decrypting data. Public-key cryptography uses two keys: a public key (shared with everyone) for encryption and a private key (kept secret) for decryption.

The following are the services offered by PGP:

1. Authentication
2. Confidentiality
3. Email Compatibility
4. Segmentation