Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Grammar and spelling updates #56

Open
wants to merge 18 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion cryptographic-hash-functions/exercises-calculate-hashes.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Exercises: Calculate Hashes

In this exercise session, you are assigned to write some code to **calculate cryptographic hashes**. Write a program to **calculate hashes** of given text message: **SHA-224**, **SHA-256**, **SHA3-224**, **SHA3-384**, **Keccak-384** and **Whirlpool**. Write your code in programming language of choice.
In this exercise session, you are assigned to write some code to **calculate cryptographic hashes**. Write a program to **calculate hashes** of given a text message using **SHA-224**, **SHA-256**, **SHA3-224**, **SHA3-384**, **Keccak-384** and **Whirlpool**. Write your code in programming language of choice.

## Calculate **SHA-224 Hash**

Expand Down
4 changes: 2 additions & 2 deletions cryptographic-hash-functions/hash-functions-examples.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
# Hash Functions - Examples

In this section we shall provide a few **examples** about calculating cryptographic hash functions in Python.
In this section we shall provide a few **examples** of calculating cryptographic hash functions in Python.

## Calculating Cryptographic Hash Functions in Python

We shall use the standard Python library `hashlib`. The input data for hashing should be given as **bytes sequence** \(bytes object\), so we need to **encode the input string** using some text encoding, e.g. `utf8`. The produced **output data** is also a bytes sequence, which can be printed as hex digits using `binascii.hexlify()` as shown below:
We shall use the standard Python library `hashlib`. The input data for hashing should be given asa **bytes sequence** \(bytes object\), so we need to **encode the input string** using some text encoding, e.g. `utf8`. The produced **output data** is also a bytes sequence, which can be printed as hex digits using `binascii.hexlify()` as shown below:

```python
import hashlib, binascii
Expand Down
6 changes: 3 additions & 3 deletions cryptographic-hash-functions/proof-of-work-hash-functions.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Proof-of-Work Hash Functions

Blockchain **proof-of-work mining** algorithms use a special class of hash functions which are **computational-intensive** and **memory-intensive**. These hash functions are designed to consume a lot of computational resources and a lot of memory and to be very hard to be implemented in a hardware devices \(such as [FPGA](https://en.wikipedia.org/wiki/Field-programmable_gate_array) integrated circuits or [ASIC](https://en.wikipedia.org/wiki/Application-specific_integrated_circuit) miners\). Such hash functions are known as "**ASIC-resistant**".
Blockchain **proof-of-work mining** algorithms use a special class of hash functions which are **computationally-intensive** and **memory-intensive**. These hash functions are designed to consume a lot of computational resources and memory, and to be very hard to implement in a hardware device \(such as [FPGA](https://en.wikipedia.org/wiki/Field-programmable_gate_array) integrated circuits or [ASIC](https://en.wikipedia.org/wiki/Application-specific_integrated_circuit) miners\). Such hash functions are known as "**ASIC-resistant**".

Many hash functions are designed for proof-of-work mining algorithms, e.g. **ETHash**, **Equihash**, **CryptoNight** and **Cookoo Cycle**. These hash functions are **slow to calculate**, and usually use **GPU** hardware \([rigs](https://en.bitcoin.it/wiki/Mining_rig) of graphics cards like NVIDIA GTX 1080\) or powerful **CPU** hardware \(like Intel Core i7-8700K\) and a lot of fast **RAM** memory \(like DDR4 chips\). The goal of these mining algorithms is to **minimize the centralization of mining** by stimulating the small miners \(home users and small mining farms\) and limit the power of big players in the mining industry \(who can afford to build giant mining facilities and data centers\). A big number of **small players means better decentralization** than a small number of big players.

Expand Down Expand Up @@ -29,8 +29,8 @@ Let's explain in briefly the idea behind the **Equihash** proof-of-work mining h

How does **Equihash** work?

* Uses **BLAKE2b** to compute **50 MB hash dataset** from the previous blocks in the blockchain \(until the current block\).
* Solves the "**Generalized Birthday Problem**" over the generated hash dataset \(pick 512 different strings from 2097152, such that the binary XOR of them is zero\). The best known solution \(Wagner's algorithm\) runs in exponential time, so it requires a lot of memory-intensive and computing-intensive calculations.
* Uses **BLAKE2b** to compute a **50 MB hash dataset** from the previous blocks in the blockchain \(until the current block\).
* Solves the "**Generalized Birthday Problem**" over the generated hash dataset \(pick 512 different strings from 2097152, such that the binary XOR of them is zero\). The best known solution \(Wagner's algorithm\) runs in exponential time, so it requires a lot of memory-intensive and computationally-intensive calculations.
* **Double SHA256** the solution to compute the final hash.

Learn more about **Equihash** at: [https://www.cryptolux.org/images/b/b9/Equihash.pdf](https://www.cryptolux.org/images/b/b9/Equihash.pdf), [https://github.com/tromp/equihash](https://github.com/tromp/equihash).
Expand Down
28 changes: 14 additions & 14 deletions cryptographic-hash-functions/secure-hash-algorithms.md
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
# Secure Hash Algorithms

In the past, many **cryptographic hash algorithms** were proposed and used by software developers. Some of them was **broken** \(like **MD5** and **SHA1**\), some are still considered secure \(like **SHA-2**, **SHA-3** and **BLAKE2**\). Let's review the most widely used cryptographic hash functions \(algorithms\).
In the past, many **cryptographic hash algorithms** were proposed and used by software developers. Some of them were **broken** \(like **MD5** and **SHA1**\), some are still considered secure \(like **SHA-2**, **SHA-3** and **BLAKE2**\). Let's review the most widely used cryptographic hash functions algorithms.

## Secure Hash Functions

**Modern cryptographic hash algorithms** \(like **SHA-3** and **BLAKE2**\) are considered **secure** enough for most applications.

### SHA-2, SHA-256, SHA-512

[**SHA-2**](https://en.wikipedia.org/wiki/SHA-2) is a family of strong cryptographic hash functions: **SHA-256** \(256 bits hash\), **SHA-384** \(384 bits hash\), **SHA-512** \(512 bits hash\), etc. It is based on the cryptographic concept "[**Merkle–Damgård construction**](https://en.wikipedia.org/wiki/Merkle–Damgård_construction)" and is considered **highly secure**. SHA-2 is published as official crypto standard in the United States.
[**SHA-2**](https://en.wikipedia.org/wiki/SHA-2) is a family of strong cryptographic hash functions: **SHA-256** \(256 bits hash\), **SHA-384** \(384 bits hash\), **SHA-512** \(512 bits hash\), etc. It is based on the cryptographic concept "[**Merkle–Damgård construction**](https://en.wikipedia.org/wiki/Merkle–Damgård_construction)" and is considered **highly secure**. SHA-2 is published as an official crypto standard in the United States.

**SHA-2** is widely used by developers and in cryptography and is considered cryptographically strong enough for modern commercial applications.
**SHA-2** is widely used by developers in cryptography and is considered cryptographically strong enough for modern commercial applications.

**SHA-256** is widely used in the **Bitcoin** blockchain, e.g. for identifying the transaction hashes and for the proof-of-work mining performed by the miners.

Expand All @@ -26,17 +26,17 @@ SHA-512('hello') = 9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673

By design, **more bits at the hash output** are expected to achieve **stronger security** and higher collision resistance \(with some exceptions\). As general rule, 128-bit hash functions are weaker than 256-bit hash functions, which are weaker than 512-bit hash functions.

Thus, SHA-512 is stronger than SHA-256, so we can expect that for SHA-512 it is more unlikely to practically find a collision than for SHA-256.
Thus, SHA-512 is stronger than SHA-256, so we can expect that when using SHA-512 you are less likely to find a collision than when using SHA-256.

### SHA-3, SHA3-256, SHA3-512, Keccak-256

[**SHA-3**](https://en.wikipedia.org/wiki/SHA-3) \(and its variants SHA3-224, SHA3-256, SHA3-384, SHA3-512\), is considered **more secure than SHA-2** \(SHA-224, SHA-256, SHA-384, SHA-512\) for the same hash length. For example, SHA3-256 provides **more cryptographic strength than SHA-256** for the same hash length \(256 bits\).

The **SHA-3** family of functions are representatives of the "**Keccak**" hashes family, which are based on the cryptographic concept "[**sponge construction**](https://en.wikipedia.org/wiki/Sponge_function)". Keccak is the winner of the [SHA-3 NIST competition](https://en.wikipedia.org/wiki/NIST_hash_function_competition#Finalists).
The **SHA-3** family of functions are representatives of the "**Keccak**" hashes family, which are based on the cryptographic concept "[**sponge construction**](https://en.wikipedia.org/wiki/Sponge_function)". Keccak was the winner of the [SHA-3 NIST competition](https://en.wikipedia.org/wiki/NIST_hash_function_competition#Finalists).

Unlike **SHA-2**, the **SHA-3** family of cryptographic hash functions are not vulnerable to the "[**length extension attack**](https://en.wikipedia.org/wiki/Length_extension_attack)".

**SHA-3** is considered **highly secure** and is published as official recommended crypto standard in the United States.
**SHA-3** is considered **highly secure** and is published as an official recommended crypto standard in the United States.

The hash function **Keccak-256**, which is used in the **Ethereum** blockchain, is a variant of SHA3-256 with some constants changed in the code.

Expand All @@ -62,7 +62,7 @@ The **BLAKE2** function is an improved version of **BLAKE**.

**BLAKE2b** \(typically **512-bit**\) is BLAKE2 implementation, performance-optimized for 64-bit microprocessors.

The **BLAKE2** hash function has similar security strength like SHA-3, but is less used by developers than SHA2 and SHA3.
The **BLAKE2** hash function is similar in strength to SHA-3, but is less frequently used by developers compared with SHA2 and SHA3.

Examples of BLAKE hashes:

Expand Down Expand Up @@ -100,23 +100,23 @@ Avoid using of the following hash algorithms, which are considered **insecure**

The below functions are popular strong cryptographic hash functions, alternatives to SHA-2, SHA-3 and BLAKE2:

* [**Whirlpool**](https://en.wikipedia.org/wiki/Whirlpool_%28hash_function) is secure cryptographic hash function, which produces 512-bit hashes.
* [**SM3**](https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html) is the crypto hash function, officialy standartized by the **Chinese government**. It is similar to SHA-256 \(based on the Merkle–Damgård construction\) and produces 256-bit hashes.
* [**GOST**](https://en.wikipedia.org/wiki/GOST_%28hash_function) \(GOST R 34.11-94\) is secure cryptographic hash function, the Russian national standard, described in [RFC 4357](https://tools.ietf.org/html/rfc4357). It produces 256-bit hashes.
* [**Whirlpool**](https://en.wikipedia.org/wiki/Whirlpool_%28hash_function) is a secure cryptographic hash function, which produces 512-bit hashes.
* [**SM3**](https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html) is the crypto hash function, officialy standardized by the **Chinese government**. It is similar to SHA-256 \(based on the Merkle–Damgård construction\) and produces 256-bit hashes.
* [**GOST**](https://en.wikipedia.org/wiki/GOST_%28hash_function) \(GOST R 34.11-94\) is a secure cryptographic hash function, the Russian national standard, described in [RFC 4357](https://tools.ietf.org/html/rfc4357). It produces 256-bit hashes.

The below functions are less popular alternatives to SHA-2, SHA-3 and BLAKE, finalists at the [SHA-3 NIST competition](https://en.wikipedia.org/wiki/NIST_hash_function_competition#Finalists):

* [**Skein**](https://en.wikipedia.org/wiki/Skein_%28hash_function) is secure cryptographic hash function, capable to derive 128, 160, 224, 256, 384, 512 and 1024-bit hashes.
* [**Grøstl**](https://en.wikipedia.org/wiki/Grøstl) is secure cryptographic hash function, capable to derive 224, 256, 384 and 512-bit hashes.
* [**JH**](https://en.wikipedia.org/wiki/JH_%28hash_function) is secure cryptographic hash function, capable to derive 224, 256, 384 and 512-bit hashes.
* [**Skein**](https://en.wikipedia.org/wiki/Skein_%28hash_function) is a secure cryptographic hash function, capable of deriving 128, 160, 224, 256, 384, 512 and 1024-bit hashes.
* [**Grøstl**](https://en.wikipedia.org/wiki/Grøstl) is a secure cryptographic hash function, capable of deriving 224, 256, 384 and 512-bit hashes.
* [**JH**](https://en.wikipedia.org/wiki/JH_%28hash_function) is a secure cryptographic hash function, capable of deriving 224, 256, 384 and 512-bit hashes.

### No Collisions for SHA-256, SHA3-256, BLAKE2s and RIPEMD-160 are Known

As of Oct 2018, **no collisions are known** for: **SHA256**, **SHA3-256**, **Keccak-256**, **BLAKE2s**, **RIPEMD160** and few others.

**Brute forcing** to find hash function collision as general costs: 2128 for SHA256 / SHA3-256 and 280 for RIPEMD160.

Respectively, on a powerful enough **quantum computer**, it will cost less time: 2256/3 and 2160/3 respectively. Still \(as of September 2018\) so powerful quantum computers are not known to exist.
On a powerful enough **quantum computer**, it will cost less time: 2256/3 and 2160/3 respectively. Still \(as of September 2018\) such powerful quantum computers are not known to exist.

Learn more about cryptographic hash functions, their strength and **attack resistance** at: [https://z.cash/technology/history-of-hash-function-attacks.html](https://z.cash/technology/history-of-hash-function-attacks.html)

2 changes: 1 addition & 1 deletion digital-signatures/rsa-signatures.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ The **RSA** public-key cryptosystem provides a **digital signature scheme** \(si

## Key Generation

The RSA algorithm uses **keys** of size 1024, 2048, 4096, ..., 16384 bits. RSA supports also longer keys \(e.g. 65536 bits\), but the performance is too slow for practical use \(some operations may take several minutes or even hours\). For 128-bit security level, a 3072-bit key is required.
The RSA algorithm uses **keys** of size 1024, 2048, 4096, ..., 16384 bits. RSA supports also longer keys \(e.g. 65536 bits\), but the performance is too slow for practical use \(some operations may take several minutes or even hours\). For a 128-bit security level, a 3072-bit key is required.

The **RSA key-pair** consists of:

Expand Down