0

I understand that there is a 256 and 512 versions because they are all powers of 2. But where 384 came from?

I know that binary representation of 384 is 110000000 but I can't understand the logic.

It is not in the middle between 256 and 512. It is not even a logarithmic middle.

Why 384?

LEQADA
  • 1,913
  • 3
  • 22
  • 41
  • Why not 384? Who says it has to be a power of 2? – interjay Oct 24 '17 at 13:01
  • It is another question. I accept powers of 2 as a convention. But when I see something that doesn't fit to the convention then I start to think about why it is as it is. And from answers below I can judge that it is really not so obvious. – LEQADA Oct 24 '17 at 13:26

2 Answers2

2

A quick look on Wikipedia finds this:

SHA-256 and SHA-512 are novel hash functions computed with 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are simply truncated versions of the first two, computed with different initial values.

Looking at the comparison between all the variants, it seems that SHA-384 is more resistant to length extension attacks than SHA-512 (its longer version).

You can find a more detailed answer on Cryptography Stack Exchange: here.

Zamfi
  • 327
  • 2
  • 9
  • It is a very nice explanation. But I have one more question now. Is 384 the most resistant version of SHA2 between 256 and 512? – LEQADA Oct 24 '17 at 13:19
  • 1
    Seems like it isn't. There is a modified version of SHA-512, known as SHA-512/256, which seems to be more resistant to this type of attacks. More info here: [link](https://crypto.stackexchange.com/questions/35023/how-are-the-ivs-of-sha512-256-and-sha512-224-calculated/35026#35026) and on the Wiki article mentioned in the answer - the section concerning `SHA-512/t` – Zamfi Oct 24 '17 at 13:25
  • Then back to the initial question. Why 384 and 224? – LEQADA Oct 24 '17 at 13:28
  • I have not followed all the math behind it, so, unfortunately, I cannot answer that. My best guess, from looking at how they are obtained, is that these have provided the best results as far as extension attack resistance goes (without modifying the initial algorithm significantly). – Zamfi Oct 24 '17 at 13:44
1
256 + 128 = 384

It is nothing but addition of two values which are above mentioned powers of 2 !!

smilyface
  • 5,021
  • 8
  • 41
  • 57