SHA-256 uses the following bitwise functions during the hash algorithm:
$$\begin{align*} \Sigma_0^{\{256\}}(x)&=\operatorname{ROTR}^{ 2}(x)\oplus\operatorname{ROTR}^{13}(x)\oplus\operatorname{ROTR}^{22}(x)\\ \Sigma_1^{\{256\}}(x)&=\operatorname{ROTR}^{ 6}(x)\oplus\operatorname{ROTR}^{11}(x)\oplus\operatorname{ROTR}^{25}(x)\\ \sigma_0^{\{256\}}(x)&=\operatorname{ROTR}^{ 7}(x)\oplus\operatorname{ROTR}^{18}(x)\oplus\operatorname{SHR}^{ 3}(x)\\ \sigma_1^{\{256\}}(x)&=\operatorname{ROTR}^{17}(x)\oplus\operatorname{ROTR}^{19}(x)\oplus\operatorname{SHR}^{10}(x)\end{align*}$$
Is there are reason behind the number of circular right shifts (ROTR) each of these functions use? I'm guessing its to try and "scramble" the bits as much as possible, but why for example does Σ0 use rotations of 2, 13, and 22?
Is there an actual reason, or are they arbitrary?
I notice each function uses a prime number for at least one of their rotations, but aside from that I haven't been able to find a reason for the numbers. The specification doesn't seem to explain why.
