After a bit of research, I finally understand the step-by-step algorithm of SHA-2 (however, of course, I won't remember it myself). But I don't understand the idea behind it. Did the group of the algorithm's developers just randomly pick some constants and functions and apply them to the data and these constants, and then prove that it is strong enough? How else would they come up with such functions? I couldn't find a beginner-friendly answer to this question. I hope I can ask for help here.
- The experience path MD4 -> MD-5 -> SHA-0 -> SHA-1 -> SHA-2. There is no proof for security, analyzed according to known attacks. – kelalaka Mar 14 '22 at 17:31
- So they did just randomly pick those constants and functions and we now have this as a "standard"? – Wynell Mar 14 '22 at 17:32
- Constant = Initial values; they are usually chosen as nothing-in-my-sleeve numbers, see here. – kelalaka Mar 14 '22 at 17:35
- They are based on the MD construction, so a block cipher (compression function) is constructed (named SHACAL for SHA-1) with more rounds than a normal block cipher and a wider block size. The security (almost) is based on the compression function. – kelalaka Mar 14 '22 at 21:05
- Although not a duplicate, the answer to another question may explain well the mechanism of Merkle-Damgård-based hash functions. – DannyNiu Mar 15 '22 at 01:09