Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [sha-512]

SHA-512 is part of the SHA-2 family of hash functions with a 512-bit output and a 256-bit security level.

SHA-512 is one of the algorithms in the SHA-2 family of cryptographic hash functions defined by NIST. It processes input in 1024-bit blocks, and has a 512-bit output, for a 256-bit security level. It is defined in terms of operations on 64-bit words.

External links

134 questions
78
votes
6 answers

SHA-512 faster than SHA-256?

I'm getting this strange result that SHA-512 is around 50% faster than SHA-256. I'm using .net's SHA512Managed and SHA256Managed classes. The code is similar to the one posted here but I'm referring to tests taking caching into account (from the…
ispiro
  • 2,085
  • 2
  • 18
  • 29
69
votes
2 answers

Is truncating a SHA512 hash to the first 160 bits as secure as using SHA1?

I am from a web development background (I don't know an awful lot about cryptography or how the algorithms themselves work), so I am asking this question in simple terms. Consider a hash of the word 'test' using…
BadHorsie
  • 823
  • 1
  • 9
  • 11
41
votes
4 answers

How can hashes be unique if they are limited in number?

I'm curious, how can for example SHA-256 be unique if there are only a limited number of them?! For clarification: how many MD5 hashes are there? $16^{32}$ MD5 hashes can be produced. $16^{64}$ SHA-256 hashes can be produced. while there are…
M D P
  • 529
  • 1
  • 4
  • 6
30
votes
3 answers

Dropbox Password security

Dropbox have recently published How Dropbox securely stores your passwords Is this really more secure than using bcrypt with a complexity of 11 or 12 ? The password "chain" is secure as its weakest part, so is there any point adding the extra 2…
exussum
  • 403
  • 4
  • 7
24
votes
2 answers

Are the SHA family hash outputs practically random?

Say I hashed the output from a random number generator (with nonce), would the resulting SHA256 hash be as random as the inputted number? And If I used the first 5 hex characters, and then used the first 5 ignoring the very first character and so on…
John T
  • 487
  • 2
  • 4
  • 10
16
votes
4 answers

Is there a way to use bcrypt with passwords longer than 72 bytes securely?

From my understanding BCrypt truncates the password to 72 bytes. If a password is longer than 72 bytes, what is a way to store that password using bcrypt securely without compromising it? Or is this incorrect and we should just let bcrypt truncate…
thames
  • 263
  • 2
  • 6
13
votes
1 answer

Is there any benefit from using SHA-512 over SHA-256 when AES just truncates it anyway?

I am still not very clear on how AES-256-CBC can use SHA-512 bit keys, but I assume that it just truncates the 512bit hash down to 256bit. In software like GnuPG and OpenPGP, is there any real benefit using a SHA-512 key over a SHA-256 key with the…
user4191887
  • 241
  • 1
  • 2
  • 5
12
votes
1 answer

Does SHA-512 leak info about SHA-256?

Does the SHA-512 value of an input leak any information about the SHA-256 value of that same input? Specifically, if I'm using SHA-512 to derive encryption and HMAC keys from a 256 bit ECDH shared secret (by splitting it into two 256 bit chunks),…
Chris
12
votes
3 answers

Is deriving the IV from the password secure?

I came across an encryption scheme to encrypt files with AES-256. You can see the initialization of the decryption routine below: salt = scrambled_file.read(16) key_and_iv = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 50000, 48,…
Jonas
  • 223
  • 2
  • 5
11
votes
4 answers

Why is SHA-512 limited to an input of $2^{128}$ bits?

Both SHA-384 and SHA-512 are limited to an input size of less than $2^{128}$ bits. Considering SHA-512 has a higher output size, couldn't it include more input data?
w0f
  • 213
  • 2
  • 5
10
votes
2 answers

Which attacks are prevented by the different initial hash values for SHA-2 with truncated output?

NIST specified SHA-2 hash functions with truncated output. Those hashes use different initialization values than SHA-256 or SHA-512. SHA-224 is based on SHA-256. SHA-384, SHA-512/224 and SHA-512/256 are all based on SHA-512. Although I have seen…
Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
8
votes
2 answers

SHA-512 - How difficult is it to find a hash digest beginning with at least twelve zeros?

I know it's possible to find a hash value with multiple zeroes in it, I know of some BitCoin hashes with it, but how difficult is it to find/create a hash digest with 12 or more leading hex zeroes in it?
sha512guest
  • 81
  • 2
8
votes
1 answer

Does salt size affect password hash security?

I use PBKDF2-SHA512 with an iteration count of 128,000 to hash my passwords. I use a CSPRNG to generate a salt per password. However, I am unsure about the ideal size of the salt. I have read a lot of things about the salt size, but I have been…
Pascal Bergeron
  • 183
  • 1
  • 3
7
votes
2 answers

Why SHA-512/256 when we already have SHA-384?

Both of them are just SHA-512 with different IV's and truncation. What's the point of having 2 of them? (Actually we have 3 of them as SHA-512/224 is the exact same thing.)
hanshenrik
  • 569
  • 1
  • 5
  • 17
6
votes
2 answers

Why might SHA-384 throughput be lower than SHA-512 throughput in hashcat and more secure?

I found a hashcat benchmark results in the internet: hashcat results: SHA-384 is 17065.4 MH/s SHA-512 is 17280.3 MH/s Why does SHA-512 take less time? SHA-512 is longer and I thought it therefore needs more time and computation resources to…
sluge
  • 197
  • 1
  • 8
1
2 3
8 9