flat assembler
Message board for the users of flat assembler.

Index > Macroinstructions > SHA512 macros for fasm

Author
Thread Post new topic Reply to topic
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 22 Jul 2005, 01:39
Using SHA (Secure Hash Algorithm) you can create a signature for your code and/or data to check the integrity.

Attached are macros to compute and embed signature into your code as assembly time. At run time the code can compare the signature and detect any changes.

Using the fasm macros is not the fastest way to make a SHA hash but it is more convenient than using an external program to embed the hash later. On my laptop it runs about 125kBytes/second.

The generated hash conforms to FIP 180-2 standard for both SHA512 and SHA384, you can select which hash length you want by setting the SHA512_output_length variable.

The attachment contains two files:
SHA512-fasm.inc - The core SHA512 macros.
SHA512-fasm-test.asm - A verifier and simple example showing the use.


Description: Macros for SHA512 in fasm
Download
Filename: SHA512-fasm.zip
Filesize: 4.11 KB
Downloaded: 839 Time(s)



Last edited by revolution on 23 Sep 2008, 08:42; edited 1 time in total
Post 22 Jul 2005, 01:39
View user's profile Send private message Visit poster's website Reply with quote
Vasilev Vjacheslav



Joined: 11 Aug 2004
Posts: 392
Vasilev Vjacheslav 22 Jul 2005, 06:15
thanks

ps. some useful links for cryptoalgos:
witeg.prv.pl
x3chun.com.ne.kr
Post 22 Jul 2005, 06:15
View user's profile Send private message Reply with quote
Matrix



Joined: 04 Sep 2004
Posts: 1166
Location: Overflow
Matrix 22 Jul 2005, 11:02
thank you revolution
nice submission,

btw what do you think which is more secure/or less easy to reverse?
this SHA or MD5 ?

is it more secure when using them multiple times? or combining the two for example?

in your include file there is a mispelling, it should be
Code:
macro SHA512_copy_result_to_hash { rept 8 count:0 \{ SHA512_h##count = SHA512_r##count \} }
    


hmm and some weird errors, but i must have missed something.
Post 22 Jul 2005, 11:02
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 22 Jul 2005, 12:11
Matrix:

The line you show above is the same as in the zip file. What specifically do you think is wrong with it?

You should not get any errors if you assemble the test file. It does display the hash values for the verification values but is shouldn't display any errors. What do you get on the output?
Post 22 Jul 2005, 12:11
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 22 Jul 2005, 12:17
Quote:
what do you think which is more secure/or less easy to reverse?


MD5 is already broken, although not in a serious manner yet. But special pairs of input block have been constructed to show it's weakness. So far SHA-1 (160 bit) has not had a successful pair of blocks constructed so it might be more secure (but this cannot be proved). SHA-1 has been shown to also have some weaknesses whereby certain attacks can theoretically be done in less than 2^80 rounds.

So far SHA224 and up have not been shown to have weaknesses but, once again, this does not mean they are secure.

If you want my opinion, I would suggest that a 128 bit hash is not strong enough for todays needs. Use at least 256 bits.
Post 22 Jul 2005, 12:17
View user's profile Send private message Visit poster's website Reply with quote
Matrix



Joined: 04 Sep 2004
Posts: 1166
Location: Overflow
Matrix 22 Jul 2005, 12:59
mm sorry disregard that error, it was some strange caching of fasmw.exe on win xp, i have exchanged the 2 though...

its ok now
thank you
Post 22 Jul 2005, 12:59
View user's profile Send private message Visit poster's website Reply with quote
Reverend



Joined: 24 Aug 2004
Posts: 408
Location: Poland
Reverend 22 Jul 2005, 22:14
Thanks revolution. Great macroses, brilliant piece of work. I didn't even suspect that such a thing is possible Cool
Post 22 Jul 2005, 22:14
View user's profile Send private message Visit poster's website Reply with quote
IceStudent



Joined: 19 Dec 2003
Posts: 60
Location: Ukraine
IceStudent 06 Aug 2006, 14:31
fasm 1.66

[edited]


Last edited by IceStudent on 07 Aug 2006, 06:40; edited 1 time in total
Post 06 Aug 2006, 14:31
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 06 Aug 2006, 22:55
You need to convert the double hashes (##) to backslash-hash (\#) for the later version of FASM. The double hash is the old FASM syntax and was outlawed recently.
Post 06 Aug 2006, 22:55
View user's profile Send private message Visit poster's website Reply with quote
IceStudent



Joined: 19 Dec 2003
Posts: 60
Location: Ukraine
IceStudent 07 Aug 2006, 06:40
Thanks, now it works.
Post 07 Aug 2006, 06:40
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo 12 Aug 2006, 01:11
Um, how long does it take to work? What is the expected output? I can't seem to figure it out. Sad
Post 12 Aug 2006, 01:11
View user's profile Send private message Visit poster's website Reply with quote
Shorn



Joined: 28 Jun 2007
Posts: 4
Shorn 12 Jul 2007, 07:06
Just for some clarification, MD5/SHA aren't encryptions, they are one-way hashes, with one-way being the key words here. Which means they can't be 'reversed' nor 'decrypted'.
Post 12 Jul 2007, 07:06
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1159
Azu 04 Apr 2009, 08:28
Shorn wrote:
Just for some clarification, MD5/SHA aren't encryptions, they are one-way hashes, with one-way being the key words here. Which means they can't be 'reversed' nor 'decrypted'.
They can be reversed with lookup (A.K.A. rainbow) tables, if you don't mind some collisions, and have a lot of time..
Post 04 Apr 2009, 08:28
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 04 Apr 2009, 18:15
Quote:

if you don't mind some collisions

The number of collisions is INFINITE, not "some". It is very hard to find two messages with the same hash but still there are infinite character strings with the same hash.
Post 04 Apr 2009, 18:15
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1159
Azu 04 Apr 2009, 20:31
LocoDelAssembly wrote:
Quote:

if you don't mind some collisions

The number of collisions is INFINITE, not "some". It is very hard to find two messages with the same hash but still there are infinite character strings with the same hash.
With short strings, like passwords, the collisions are insignificant from an attack point of view.
Post 04 Apr 2009, 20:31
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 04 Apr 2009, 21:10
Quote:

With short strings, like passwords, the collisions are insignificant from an attack point of view.

Yep, but encryption is not limited to such small data and still it is truly one way since even a system checking your password is in fact checking if the hash of the supplied input match the one stored (so actually you have from 1 to some N number of valid passwords).

Not sure why Shorn made that clarification (because of Vasilev's post maybe?), but it doesn't seems to be "password encryption" what it was discussed here, the clarification looks more general.
Post 04 Apr 2009, 21:10
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20363
Location: In your JS exploiting you and your system
revolution 05 Apr 2009, 01:36
If you want to use a hash on a password then it is not a good idea to use it directly. Things like rainbow tables will break the common passwords with ease. Anyone interested can look into things like PKCS, and more specifically PBKDF2.
Post 05 Apr 2009, 01:36
View user's profile Send private message Visit poster's website Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1159
Azu 05 Apr 2009, 09:01
LocoDelAssembly wrote:
Quote:

With short strings, like passwords, the collisions are insignificant from an attack point of view.

Yep, but encryption is not limited to such small data and still it is truly one way since even a system checking your password is in fact checking if the hash of the supplied input match the one stored (so actually you have from 1 to some N number of valid passwords).

Not sure why Shorn made that clarification (because of Vasilev's post maybe?), but it doesn't seems to be "password encryption" what it was discussed here, the clarification looks more general.
Yes it's hard to reverse in certain situations where it is long enough.
Post 05 Apr 2009, 09:01
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.