1

I am working on doing a naive Python implementation of SHA-1,SHA-2, and SHA-3 and I need to test and debug because the hash result right now is not correct.

I have found a step-by-step working out of SHA-256 here. https://docs.google.com/spreadsheets/d/1mOTrqckdetCoRxY5QkVcyQ7Z0gcYIH-Dc0tu7t9f7tw/edit#gid=1025601888

Can somebody link me a step-by-step working out of SHA-1, SHA-2, and SHA-3 for an example input?

kelalaka
  • 48,443
  • 11
  • 116
  • 196
arunkumaraqm
  • 111
  • 1
  • 1
    Why not just take a working implementation and put in some print statements to get the hexadecimal values? SHA-512 is not that complex. – Maarten Bodewes Oct 26 '21 at 19:34
  • @MaartenBodewes Good idea. I started doing that 15 minutes ago. – arunkumaraqm Oct 26 '21 at 19:41
  • I'll speed you up a bit, see here. If you have incorrect output (and if you do not you would not be asking) you may still need that known good implementation though, these just list the values between the rounds. – Maarten Bodewes Oct 26 '21 at 19:42
  • @MaartenBodewes That was helpful to an extent, but I did need elaborate calculations for that first block. – arunkumaraqm Oct 26 '21 at 20:08

1 Answers1

2

NIST has a very long tradition on validation of the algorithms that are approved by the NIST. It is called Cryptographic Algorithm Validation Program (CAVP). On the subpage about hash algorithm page you will find the;

Test Vectors

The test vectors linked below can be used to informally verify the correctness of secure hash algorithm implementations (in FIPS 180-4 and FIPS 202) using the validation systems listed above.

Response files (.rsp): the test vectors are properly formatted in response (.rsp) files. Vendor response files must match this format exactly.

Intermediate results files (.txt): files with intermediate results (.txt) are supplied to help with debugging.

See the README file in each zip file for details.

Download the proper one. The test vector contains, input and output, except the MonteCarlo Test. It provides inner loop information for some selected loops but not the digest!.

Intermediate Values

If you are looking for full intermediate outputs, there is

  • Cryptographic Standards and Guidelines - Examples with Intermediate Values

    • FIPS 180-2 - Secure Hash Standard

      • SHA-1
      • SHA-224
      • SHA-256
      • SHA-384
      • SHA-512
      • SHA-512/224
      • SHA-512/256

    • FIPS 202 - SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions

      • SHA3-224
      • SHA3-256
      • SHA3-384
      • SHA3-512
      • SHAKE128
      • SHAKE256

    • SP 800-185 - SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash

      • cSHAKE
      • KMAC and KMACXOF
      • TupleHash and TupleHashXOF
      • ParallelHash and ParallelHashXOF

The easiest way is outputting the exact same output format so that you can compare find the mismatch simply by a diff tool like kompare. There you can find the error with high probability.

kelalaka
  • 48,443
  • 11
  • 116
  • 196
  • 2
    Hmm, I wondered how the crypto-currency guys created such a nicely layed out document. But it seems the original from which the NIST document was created. – Maarten Bodewes Oct 26 '21 at 21:08