 | TurboSFV - Hash types |
| Overview | ||||||||||||||||
|
TurboSFV supports various hash functions, which are used for calculating checksums
for files, for example those from the SHA-3 or BLAKE3 families. Checksums are fingerprints
or digital signatures of bit streams: Their calculation and the length of the hash
digits depend on the used hash algorithm. Checksums can be used to algorithmically identify a file. In general, if a file changes, then the checksum will change. So checksums can be used to validate the integrity of files and to detect data corruption. TurboSFV as a checksum calculation and validation software can generate hash values for files in an entire folder tree. The security of a hash function mainly depends on the used hash algorithm and the length of the hash digits. At the time of writing, CRC-32, MD5 and SHA-1 are insecure: A different file with the same checksum can be found or even generated. Thus, these hash functions can't be trusted and can only be used in areas with low security requirements. Cryptographic algorithms, such as from the SHA-3 or BLAKE3 families, must provide resistance to these types of attacks. Finding two different files with the same hash value or to conclude data just from the hash digits shouldn't be possible. Checksums, produced by these hash functions, should uniquely represent the data. The decision, which hash function to use, depends on the application, the amount of data and the available computer power (some algorithms are CPU hungry). For example, a cryptographic hash function should be used in the aera of biometric data. In TurboSFV, the hash functions are implemented as a 64-bit version (x64 CPU instructions) as well as a 32-bit version (x86 CPU instructions). Starting with SHA-1, special SSE based instructions (Streaming SIMD (Single Instruction Multiple Data) Extensions) can be optionally used, if the CPU supports them. For SHA-1, these are SHA1RNDS4, SHA1MSG1, SHA1MSG2 and SHA1NEXTE. For SHA-256 (as well as SHA-224), the instructions SHA256RNDS2, SHA256MSG1 and SHA256MSG2 provide a much better performance for calculating checksums. Additionally, TurboSFV x64 includes a special SSE based implementation for algorithms from the BLAKE3 family (BLAKE3-256, BLAKE3-512, BLAKE3-1024, BLAKE3-2048), which calculates hash values in a parallel manner. TurboSFV supports the calculation of hash values by using the following hash functions. Mentioned links to some external websites provide you with further details. | ||||||||||||||||
| ||||||||||||||||
| SHA-3 family | ||||||||||||||||
| ||||||||||||||||
|
The SHA-3 hash functions are specified in the FIPS 202 issued by NIST (US National Institute of
Standards and Technology), as the new "SHA-3 standard". The algorithm is based on KECCAK,
which was the winner of the SHA-3 competition, announced by NIST in 2012. SHA-3 was specified by NIST, to have an alternative to the SHA-2 family in place in case of a successful attack against SHA-2. SHA-2 is based on the same technical principles as SHA-1, for which successful attacks are known since 2005. SHA-3 however uses a different method for generating hash values, the "sponge construction". In FIPS 202, the specification of SHA-3 slightly differs from the original KECCAK algorithm, submitted to the NIST SHA-3 competition. But the change has no negative impact on the security of the algorithm: Only the padding (fill bits for the last message block) is different, allowing additional hash modes in the future. The KECCAK algorithm is based on numerous operations with 64-bit numbers. Thus, it's recommended to use the capabilities of a 64-bit CPU for the calculation of SHA-3 hash values, which is only enabled on 64-bit operating systems. TurboSFV x64 was designed to run in a 64-bit environment. Supported SHA-3 hash functions as specified in FIPS 202 and their output lengths: | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| BLAKE3 family | ||||||||||||||||
| ||||||||||||||||
|
BLAKE3 is the successor of BLAKE2 and combines BLAKE2 variants in one hash function. The basic structure of BLAKE3 is
a binary tree, allowing parallel computation on multiple processors or SIMD processing of data.
Furthermore, BLAKE3 offers extendable output to produce other output lengths than the default length, which is 256 bit.
Like BLAKE2, BLAKE3 is a cryptographic hash function and supports keyed calculation of hash values. The BLAKE3 implementation in TurboSFV follows the BLAKE3 specification version 20200221 TurboSFV x64 v10.50 comes with a special SSE (Streaming SIMD Extensions) based implementation for the calculation of BLAKE3 hash values, which provides a parallel computation in lanes. Furthermore, multiple CPUs can be used for a even better performance. As a precondition, the used CPU must support SSE instructions up to and including instruction set SSE4.1. Supported BLAKE3 hash functions and their output lengths: | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| BLAKE2 family | ||||||||||||||||
| ||||||||||||||||
|
The hash algorithms from the BLAKE2 family are based on BLAKE, which was one of the finalists in the SHA-3 competition
by NIST. BLAKE2 is the successor of BLAKE, optimized for speed and with less memory usage. BLAKE2 is specified in RFC 7693
and claims to be secure. The algorithms implemented in TurboSFV are BLAKE2S, BLAKE2SP, BLAKE2B and BLAKE2BP. BLAKE2S operates with 32-bit integers and is mainly designed for 32-bit CPUs. BLAKE2SP runs eight instances of BLAKE2S in parallel mode. Both produces digests up to 256 bits. BLAKE2B on the other hand works with 64-bit numbers and is optimized for 64-bit platforms. BLAKE2BP is designed to run in parallel mode and works with four instances of BLAKE2B. BLAKE2B and BLAKE2BP deliver hash digits up to 512 bits. The algorithms support standardized keyed hashing as well as salt, which are interesting features in the light of future extensions of TurboSFV. For BLAKE2, TurboSFV offers digest lengths from 256 bits up to 512 bits, in particular BLAKE2S-256, BLAKE2SP-256, BLAKE2B-256, BLAKE2B-384, BLAKE2B-512, BLAKE2BP-256, BLAKE2BP-384 and BLAKE2BP-512. Note that the listed algorithms produce diffe Supported BLAKE2 hash functions and their output lengths: | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| SHA-2 family | ||||||||||||||||
| ||||||||||||||||
|
The SHA-2 family includes the secure hash algorithms SHA-224, SHA-256, SHA-384, SHA-512 plus
the two t-bit hash functions SHA-512/224 and SHA-512/256. The t-bit hash functions SHA-512/224 and SHA-512/256 are based on SHA-512, but they start with different initial vectors and come with smaller hash values. For example, SHA-512/256 is used in applications, where on one hand a key length of 256 bit is needed, on the other hand the higher security of SHA-512 instead of SHA-256. Additionally, on x64 platforms, SHA-512 can have a better performance - if properly coded. For the algorithms SHA-256 and SHA-224, the calculation mode can be optionally switched to special SSE (Streaming SIMD Extensions) based instructions (SHA256RNDS2, SHA256MSG1, SHA256MSG2), instead of using the default x86 (32-bit) and x64 (64-bit) CPU instructions - if supported by the CPU. TurboSFV checks the CPU against the needed features, before using them. By calculating with SSE based instructions, the computation can be up to seven times faster. Supported SHA-2 hash functions and their output lengths: | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| xxHash | ||||||||||||||||
| ||||||||||||||||
|
xxHash is an open source project with the goal to develop a fast hash algorithm. The algorithm is not designed to be
used in cryptographic areas and is also not collision resistant. TurboSFV supports the variants XXH32 and XXH64: XXH32 works with 32-bit numbers and is optimized for 32-bit environments, while XXH64 operates with 64-bit numbers and is thus optimized for 64-bit CPUs. XXH32 produces digits with 32 bits, while XXH64 delivers a 64-bit hash value. Optionally, both can take a seed value as an additional input (similar to salt), but this is not supported by TurboSFV. In the current state of development, XXH32 and XXH64 seem to be stable now and thus the checksums produced by them - but there is no guarantee for it. The implementation in TurboSFV is in line with the documentation v0.1.1 (10/10/18). TurboSFV doesn't use any of the libraries provided by the open source project. Supported xxHash hash functions and their output lengths: | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| SHA-1 - Secure hash algorithm | ||||||||||||||||
| ||||||||||||||||
|
SHA-1 was published in 1995 by NIST, to provide a cryptographic hash function to be used
by federal departments in applications and as a standard in protocols, available also
for private and commercial users. Since 2005, successful attacks on SHA-1 are known and SHA-2
was later announced as the successor. The basic implementation in TurboSFV works with x86 (32-bit) and x64 (64-bit) CPU instructions. Optionally, the calculation process can be switched to special SHA-1 SSE (Streaming SIMD Extensions) instructions, which are available in Intel processors since 2016 and in AMD processors since 2017. These SSE instructions (SHA1RNDS4, SHA1MSG1, SHA1MSG2, SHA1NEXTE) allow a computation in a parallel manner, thus the overall calculation can be up to four times faster. TurboSFV checks the CPU against the needed features before using them. | ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| MD5 - Message-digest 5 hash function | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| CRC-32 - Cyclic redundancy check | ||||||||||||||||
| ||||||||||||||||
| ||||||||||||||||
|
| ||||||||||||||||
| ||||||||||||||||
 | |
 |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
| Privacy Policy | Copyright © 2007-2025 Jörg Krahe. All Rights reserved! |