Overview |
TurboSFV supports various hash functions to calculate checksums
for files. Checksums are fingerprints or digital signatures of bit
streams. Their calculation and length of the hash digits depends on the used hash algorithm.
Checksums can be used to algorithmically identify a file. In general,
if a file changes, then the checksum will change. So checksums can
be used to validate data.
The security of a hash function mainly depends on the used hash algorithm and the length
of the hash digits. At the time of writing, CRC-32, MD5 and SHA-1 are insecure: A different
file with the same checksum can be created or found. The decision, which hash function to use,
depends on the application and the available computer power.
TurboSFV supports the calculation of hash values using the following
hash functions. Mentioned links to some external websites provide you with further
details.
|
CRC-32 - Cyclic redundancy check |
|
- Length of the hash digits: 32 bits
- File extension: sfv
- External links:
|
MD5 - Message-digest 5 hash function |
|
- Length of the hash digits: 128 bits
- File extension: md5
- External links:
|
SHA-1 - Secure hash algorithm |
|
- Length of the hash digits: 160 bits
- File extension: sh1
- External links:
|
SHA-2 family |
|
The SHA-2 family includes the secure hash algorithms SHA-224, SHA-256, SHA-384, SHA-512 plus
the two t-bit hash functions SHA-512/224 and SHA-512/256.
The t-bit hash functions SHA-512/224 and SHA-512/256 are based on SHA-512, but they start with
different initial vectors and come with smaller hash values.
For example, SHA-512/256 is used in applications, where on one hand a keylength of 256 bit is needed,
on the other hand the higher security of SHA-512 instead of SHA-256. Additionally, on x64 platforms,
SHA-512 can have a better performance - if properly coded.
|
Hash function | Length |
SHA-224 | 224 bits |
SHA-256 | 256 bits |
SHA-384 | 384 bits |
SHA-512 | 512 bits |
SHA-512/224 | 224 bits |
SHA-512/256 | 256 bits |
|
- File extension: sh2
- External links:
|
SHA-3 family |
|
The SHA-3 hash functions are specified in the NIST standard FIPS 202 and are based on the KECCAK algorithm.
In FIPS 202, the specification of SHA-3 slightly differs from the original KECCAK algorithm, which was submitted
to the NIST SHA-3 competition. But there is no impact on the security of KECCAK, because only the padding (fill bits
for the last message block) has changed.
SHA-3 was specified by NIST, to have an alternative to the SHA-2 family in place in case of a successfull attack
against SHA-2. SHA-2 is based on the same technical principles as SHA-1, for which successfull attacks are known
since 2005.
The current version of TurboSFV includes the secure hash algorithms SHA3-224, SHA3-256, SHA3-384 and
SHA3-512, as specified in FIPS 202.
The KECCAK algorithm is based on numerous operations with 64-bit numbers. Thus, it's recommended to use the
capabilities of a 64-bit CPU for the calculation of SHA-3 hash values, which is only enabled on 64-bit operating
systems. TurboSFV x64 was designed to run in a 64-bit environment.
|
Hash function | Length |
SHA3-224 | 224 bits |
SHA3-256 | 256 bits |
SHA3-384 | 384 bits |
SHA3-512 | 512 bits |
|
- File extension: sh3
- External links:
|
BLAKE2 family |
|
The hash algorithms from the BLAKE2 family are based on BLAKE, which was one of the finalists in the SHA-3 competition
by NIST. BLAKE2 is the successor of BLAKE, optimized for speed and with less memory usage. BLAKE2 is specified in RFC 7693
and claims to be secure.
The algorithms implemented in TurboSFV are BLAKE2S and BLAKE2B: BLAKE2S operates with 32-bit integers and is mainly designed
for 32-bit CPUs. BLAKE2S produces digests up to 256 bits. BLAKE2B on the other hand works with 64-bit numbers and is
optimized for 64-bit platforms. BLAKE2B delivers hash digits up to 512 bits.
Both support standardized keyed hashing as well as salt, which are interesting features in the light of future
extensions of TurboSFV.
For BLAKE2, TurboSFV offers digest lengths from 256 bits up to 512 bits, in particular BLAKE2S-256, BLAKE2B-256,
BLAKE2B-384 and BLAKE2B-512. Note that BLAKE2S-256 produces different hash values comparing to BLAKE2B-256.
|
Hash function | Length |
BLAKE2S-256 | 256 bits |
BLAKE2B-256 | 256 bits |
BLAKE2B-384 | 384 bits |
BLAKE2B-512 | 512 bits |
|
- File extension: blk
- External links:
|
BLAKE3 |
|
BLAKE3 is the successor of BLAKE2 and combines BLAKE2 variants in one hash function. The basic structure of BLAKE3 is
a binary tree, allowing parallel computation on multiple processors. Furthermore, BLAKE3 offers extendable output to
produce other output lengths than the default length, which is 256 bit. Like BLAKE2, BLAKE3 is a cryptographic hash
function and supports keyed calculation of hash values.
The BLAKE3 implementation in TurboSFV follows the BLAKE3 specification version 20200221164500. TurboSFV produces BLAKE3
checksums with the default length of 256 bits plus the extended output lengths (XOF's) 512, 1024 and 2048 bits. An XOF with
1024 bits for example means, that the first 512 bits are the same as for the length 512 bit, plus additional 512 bits,
generated by another compression of the root node in the binary tree. As of TurboSFV v9.20, parallel calculation of
BLAKE3 checksums is also supported.
|
Hash function | Length |
BLAKE3-256 | 256 bits |
BLAKE3-512 | 512 bits |
BLAKE3-1024 | 1024 bits |
BLAKE3-2048 | 2048 bits |
|
- File extension: bk3
- External links:
|
xxHash |
|
xxHash is an open source project with the goal to develop a fast hash algorithm. The algorithm is not designed to be
used in cryptographic areas and is also not collision resistant.
TurboSFV supports the variants XXH32 and XXH64: XXH32 works with 32-bit numbers and is optimized for 32-bit environments,
while XXH64 operates with 64-bit numbers and is thus optimized for 64-bit CPUs. XXH32 produces digits with 32 bits, while
XXH64 delivers a 64-bit hash value. Optionally, both can take a seed value as an additional input (similar to salt), but
this is not supported by TurboSFV.
In the current state of development, XXH32 and XXH64 seem to be stable now and thus the checksums produced by them - but
there is no guarantee for it.
The implementation in TurboSFV is in line with the documentation v0.1.1 (10/10/18). TurboSFV doesn't use any of the
libraries provided by the open source project.
|
Hash function | Length |
XXH32 | 32 bits |
XXH64 | 64 bits |
|
- File extension: xxh
- External links:
|
|
|