With the Merkle Damgard Transform, how does it handle messages that are shorter than the input message length - hash digest length? Or in other words, how is the last block handled? So for example, if I have a 40 bit long message and I want to use SHA 256 to get a hash digest, how would I do that? Doesn’t SHA 256 require a 512 bit message and the IV plus my message is only 296 bits? Thanks guys
Asked
Active
Viewed 373 times
1 Answers
3
In SHA-256, the message is padded to a multiple of the block length by appending a single 1 bit and then as many 0 bits are needed to fill a message block to 448 bits; finally the 64-bit length is appended to make the input length an exact multiple of 512 bits.
Squeamish Ossifrage
- 49,816
- 3
- 122
- 230