單向雜湊函數在實際應用上有著相當多的用途,例如能夠將使用者通行碼以其產生之訊息摘要並加以保護儲存,也可在資料儲存與傳輸上能夠確保資料的完整性。常用之單向雜湊函數多有安全疑慮,在MD5與SHA-0陸續被破解,以及SHA-1也出現理論上的破解後,雖然美國國家標準局隨後推出SHA-2,但SHA-2與上述雜湊函數所使用的結構函數相似,因此NIST透過雜湊函數競賽在2012年10月選出了Keccak,並在2015年8月發布新型單向雜湊函數SHA-3。本論文探討SHA-3之內部狀態與結構並利用NIST亂數測試標準檢測SHA-2與SHA-3之訊息摘要的安全性,分析不同亂數測試的結果,並依照雪崩效應定義檢測兩者所產生之訊息摘要的結果。SHA-2與SHA-3皆通過統計測試之檢測,而在雪崩效應之檢測方面,經過統計後皆呈現常態分布。雖然SHA-2因為結構上有疑慮但經過實驗檢測後還是具有一定的安全性,而SHA-3屬於較新的雜湊函數,在經過同樣的實驗檢測後,同樣具有相當的安全性。
One-way hash functions are widely used in application. They can be used to make sure the integrity of the data in storage and transmission. But some of them still have some doubts, such as the successful attacks on MD5 and SHA-1 and theoretical attacks on SHA-1. Although NIST published SHA-2, the construction of SHA-2 is similar to these algorithms. A new algorithm Keccak is selected by NIST and a totally new hash standard SHA-3 is announced at August 2015. In this thesis, we firstly discuss the construction and the internal state of SHA-3. Secondly, we detect the security of the message digest of SHA-2 and SHA-3 by the NIST SP800-22a statistical test suite of random numbers. Finally, we detect the avalanche effect of the message digest. In our simulation, both SHA-2 and SHA-3 have passed the test above. Although SHA-2 has the doubt in its construction, it is still pass of the test, and the new hash function, SHA-3, is secure enough by passed the tests.
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。