MD5-based HMAC

By Macbook

HMAC based on MD5

One, one-way hash function

Types There are md4, md5, sha1, sha2, ripemd, ripemd160, sha3, etc.

Properties:

  • From inputs of different lengths, generate fixed-length outputs .
  • The calculation speed is fast.
  • One-way, get output from input, but no input from output.
  • Weak impact resistance: it is not easy to find a message with the same hash value
  • Strong impact resistance: it is not easy to find two messages with the same hash value

    • li>

md5:

  • Padded the message so that its bit length is 448 under modulo 512. Even if the message is originally 448, it needs Fill it with 512. The filling method is fixed at the first bit as 1, and the latter bits are filled with 0.
  • Additional message padding, the length of the message is 64Bit long in little-endian way behind the filled message. In this way, the length of the message is padded to an integer multiple of 512. Every 512 bits is a group, and a group is 16 32-bit words.
  • Four 32-bit long registers need to be initialized, each of which has an initial fixed value, which is stored in little-endian mode.
  • Each packet needs to be processed by a compression function, and the value of each packet after the compression function is processed is the initial value of the register during the next packet processing. The compression function includes 4 rounds of processing, and the value processed by the compression function in each round is the initial value of the register in the next round of processing. A constant table is defined in the compression function, and 16 values ​​in the constant table need to be added in each round of processing. After processing, the sum of the output of the last group and the value in the first round of registers is the value of the final group. The final result after the last group is processed is the corresponding hash value.
  • Each round of processing consists of 16 iterations. The operation form is b<=b+cls(a+g(b,c,d)+x[k]+t[i]) a<=dc<=bd<=c where abcd is the value of each register t[ i] is one of the 16 values ​​in the corresponding constant table, and x[k] is one of the 16 words in the group. Cls is the number of shifts in each step of each round of shift operation. There are corresponding constants. The order in which X[k] is used is also scrambled in each round according to certain rules. g is a function, and the operation rules for each round are different. The following are the shift rules, scrambling rules, and the definition of each round of g
    shift rules:

< td>12

< td>2

1 2 3 4 5 6

7 8 9 10 11 12 13 14 15 16
1 7 12 17 22 7 17 22 7 12 17 22 7 12 17 22
5 9 14 20 5 9 14 20 5 9 14 20< /td>

5 9 14 20
3 4 11 16 23 4 11 16 23 4 11 16 23 4 11 16 23
4 6 10 15 21 6 10 15 21 6 10 15 21 6 10 15 21
  • The scrambling rules: round 2 (1+5i) mod16 round 3 (5+3i) mod16 round 4 7imod16
  • g definition:

Number of rounds g(b,c,d)
1 (b∧c) ∨(b∧d) 2| (b∧d) ∨(c∧d) )
3 b⊕c⊕d
4 c⊕(b∨d`)

2 , Message authentication code

  • The realization method of message authentication code: one-way hash function, block cipher, other passwords
  • hmac is a one-way hash function to realize messages Method of authentication, brief The process is
    (1) If the key is shorter than the group of the hash function, add zeros to expand. If long, calculate the hash value of the key.
    (2) XOR the key with the ipad (ipad is a fixed value 00110110)
    (3) Combine the result with the message, and then calculate the hash value
    (4) XOR the key with the opad Or (opad is a fixed value of 01011010)
    (5) Combine the result with the hash value, and then calculate the hash value

Three, description

  • The program sets several functions:
    (1) tianchong: Determine the number of bits in the message, and fill the message to modulo 512 to 448
    (2) Xiaoxi: compression function of md5, The message is mainly grouped, each group of 512 bits, and each group of operations is sent to the hash function
    (3) hash: the operation of the compression function of each group. First calculate the constant t[],for i in range(1,65): T.append(math.floor(pow(2, 32)*abs(math.sin(i))))< /code> Then use a loop to determine which round the operation belongs to, and then scramble the message according to the rules of this round, and finally send it to 16 iterations
    (4) diedai: iterative function. Also use a loop to determine which round the round belongs to, and then determine the calculation rule of g according to the rules of this round. The number of shifted bits is stored in a two-dimensional array. The number of rounds and iterations is used to determine the number of shifts. temp=(temp<
  • The function needs to enter the key and the document (the actual location of the document must be included). After reading the document, first convert the read characters into corresponding integers, and then fill them.
  • After reading the key, you need to combine the key into several 16-bit values, and then fill them in. Insert 0 directly on the left, padded to 512 bits. After the key is XORed with ipad and opad, two sets of 16 32-bit values ​​are obtained, which are operated by the compression function of md5 as the initial values ​​in the 4 registers during message operation. Finally, two rounds of md5 calculations are performed. The 128 bits after the first round of calculations are also filled to 512 bits by inserting 0

Four. Codes and results< /h2> 

def diedai(lunshu,x,t,reg):
 yiwei=[[7,12,17,22,7,12,17,22,7,12,17,22, 7,12,17,22],
 [5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20],
 [4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23],
 [6,10,15,21,6, 10,15,21,6,10,15,21,6,10,15,21]]
 for i in range(0,16):
 a = reg[0]
 b = reg[1]
 c = reg[2]
 d = reg[3]
 if lunshu==1:
 temp=(b & c) | ( ~b & d)
 elif lunshu==2:
 temp=(b&d)|(c&~d)
 elif lunshu==3:
 temp=b^c^ d
 else:
 temp=c^(b|~d)
 temp=(a+temp+x[i]+t[i])%pow(2,32)< br /> temp=(temp< temp=(temp+b)%pow(2,32)
 reg=[d,temp,b, c]
 return reg
def hash(zu_1,reg_x):
 reg_0=reg_x
 reg=reg_x
 T = []
 te mp=[]
 for i in range(1, 65):
 T.append(math.floor(pow(2, 32) * abs(math.sin(i))))#Get Constant t[]
 for i in range(1,5): #4 different permutations in each round of processing
 if i==2:
 for j in range(0, 16):
 h=(1+5*j)%16
 zu_2[j]=zu_1[h]
 elif i==3:
 for j in range( 0,16):
 h=(5+3*j)%16
 zu_2[j]=zu_1[h]
 elif i==4:
 for j in range(0,16):
 h=(7*j)%16
 zu_2[j]=zu_1[h]
 else:
 zu_2=zu_1
 temp=diedai(i,zu_2,T[16*(i-1):16*i],reg)#16-step iteration
 for i in range(0,len(temp)):
 reg[i]=temp[i]
 for i in range(0,4):
 reg[i]=(reg[i]+reg_0[i])%pow(2,32) 
 return reg
def xiaoxi(message,a,b,c,d):
 changdu=len(message)
 zu_num = math.floor(len(message) / 16 )#Get the number of groups
 A_0 = a
 B_0 = b
 C_0 = c D_0 = d
 reg_0 = [A_0, B_0, C_0, D_0]
 for i in range(0, zu_num):
 reg_0 = hash(message[16 * i:16 * (i + 1)], reg_0)
 return reg_0
def tianchong(xiao):
 t_1 = struct.unpack('>H', b'€') # Fill 16 bits, the first one is one
 t_2 = struct.unpack('>H', b'') # Fill 16 bits, all 0
 changdu=len( xiao)
 bit_changdu = changdu * 16% pow(2, 64)
 t_3 = struct.pack(' if (changdu * 2 * 8 == 448): # If modulo 512 is 448, fill 512 bits directly
 xiao.append(t_1[0])
 for i in range(1, 32):
 xiao.append(t_2[0])
 else: # Otherwise
 i = 0
 xiao.append(t_1[0])
 num = (changdu + 1) * 16
 while num% 512 != 448:
 num = num + 1
 i = i + 1
 if i% 16 == 0:
 xiao. append(t_2[0])
 xiao.append(struct.unpack(' xiao . append(struct.unpack(' xiao.append(struct.unpack(' xiao.append(struct.unpack(' changdu_k = len(xiao) # The length of the expanded message
 message =[]
 i = 0
 while i  t = xiao[i] << 16
 if i + 1 != changdu_k-1:
 message.append(t | (xiao[i + 1]))
 else:
 message.append(t)
 i = i + 2
 return message
 import os
import struct
import math
import string
xiao_xi = [] # save the input message
xiao = [] # save the extended message
 key=input('Enter a key:')
wenjian=input('The location of the input file:')
data = open(wenjian) # Text file input
xiao_xi = data. read()
changdu = len(xiao_xi) # The length of the input message
for i in range(0, changdu): # Convert each character to the corresponding integer
 xiao.append( ord(xiao_xi[i]))
xiao=tianchong(xiao)
key_message=[]#Save the filled key
key_1=[]
key_2=[]< br />key_8int=[]
ipad=0x3636
opad=0x5A5A
i=0#Enter the key Line padding
while i< len(key):
 t =ord( key[i] )<< 8
 if i!=len(key)-1:
 key_message .append(t | ord(key[i + 1]))
 else:
 key_message.append(t)
 i = i + 2
while len(key_message)* 16!=512:#Fill the key to 512 bits
 key_message.insert(0,0)
for i in range(0,len(key_message)):
 key_1.append( key_message[i]^ipad)
 key_2.append(key_message[i]^opad)
i = 0
key_11=[]#Change the key into 16 32-bit words< br />while i  t = key_1[i] << 16
 if i!=len(key_1)-1:
 key_11.append(t | ( key_1[i + 1]))
 else:
 key_11.append(t)
 i = i + 2
i=0
key_22=[]
while i< len(key_1):
 t = key_2[i] << 16
 if i!=len(key_1)-1:
 key_22.append(t | (key_2 [i + 1]))
 else:
 key_22.append(t)
 i = i + 2
A_0 = 0x01234567
B_0 = 0x89ABCDEF
 C_0 = 0xFEDCBA98
D_0 = 0x76543210
key1_hash=[]
key2_hash=[]
 trans=[]
final=[]
key1_hash.extend(xiaoxi(key_11,A_0,B_0,C_0,D_0))
key2_hash.extend(xiaoxi(key_22,A_0,B_0,C_0 ,D_0))
trans.extend(xiaoxi(xiao,key1_hash[0],key1_hash[1],key1_hash[2],key1_hash[3]))
while len(trans)*16!= 512:
 trans.insert(0,0)
final.extend(xiaoxi(trans,key2_hash[0],key2_hash[1],key2_hash[2],key2_hash[3]))
print('The message authentication code is:')
print(final)

Share a picture
1.txt content
1.txt content

, , ,

Leave a Comment

Your email address will not be published.