sechash - secure hash generator
sechash [OPTIONS] filename
sechash computes the hash of a file. sechash supports several
hash algorithms and has implemented three assurance levels.
The lowest level hashes hashing the file once: m->h(m). This
is the same computation that tools such as md5sum and shash make.
The middle level hashes the hash of the file: m->h(h(m)). The high
level hashes the file once and then hashes the concatenation of
the file onto the hash of the file: m->(h(m)||m).
Why go to all this trouble when tools such as md5sum and
shash already compute hash functions?
In chapter 6 of Ferguson's and Schneier's book, Practical
Cryptography (ISBN: 0-471-22357-3), it is posited that hash
functions, as they are currently used, are not robust against
partial message collision attacks and length extension attacks.
Ferguson and Schneier suggest that the most conservative
mitigation to such attacks is to use the function m->(h(m)||m).
They suggest that the most reasonable compromise between speed
and security is to used the function m->(h(h(m)) with SHA256.
sechash chooses to follow this advice and sets its defaults to
SHA256 and a medium assurance level.
The following options are available:
-h help
-a request algorithm n (default: 3 - sha256)
-b print bubble babble digest instead of hex digest
-l show supported algorithm list
-m n assurance level. One of 3 (high), 2 (medium, default)
or 1 (low)
-q output as little as possible
-w print word digest
The following hash function algorithms are supported:
MD5 - 1
SHA1 - 2
SHA256 - 3
SHA384 - 4
SHA512 - 5
HAVAL256 - 6
Whirlpool - 7
sechash was written by Holt Sorenson, hso at nosneros dot net
send me email and they'll be squashed. I prefer diff -u format.
sechash requires the following modules, easily fetchable from
CPAN (http://www.cpan.org/):
Digest::MD5
Digest::SHA1
Digest::SHA2
Digest::Haval256
Digest::Whirlpool
Digest::BubbleBabble
For more information on CPAN, type 'perldoc CPAN' from a
shell prompt.
Linux (http://www.linux.org/):
md5sum(1)
OpenBSD (http://www.openbsd.org/):
md5(1), rmd160(1), sha1(1)
*nix:
md5sum, shash(1), openssl(1)
MD5:
http://www.ietf.org/rfc/rfc1321.txt
SHA1:
http://www.itl.nist.gov/fipspubs/fip180-1.htm
SHA256...512:
http://csrc.nist.gov/encryption/shs/sha256-384-512.pdf
HAVAL256:
http://citeseer.nj.nec.com/zheng93haval.html
Whirlpool:
http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html
Practical Cryptography:
http://www.amazon.com/exec/obidos/ASIN/0471223573/nosnerosweb-20
http://www.macfergus.com/pc/
http://www.schneier.com/book-practical.html
md5sum:
http://www.gnu.org/directory/GNU/textutils.html
shash:
http://mcrypt.hellug.gr/shash/
libmhash (shash links against this library):
http://mhash.sourceforge.net/
pgpfone "biometric" word lists:
http://web.mit.edu/network/pgpfone/manual/#PGP000062
http://www.mathcs.duq.edu/~juola/papers.d/pgpfonenemlap.ps
http://www.mathcs.duq.edu/~juola/papers.d/icslp96.pdf
0.4
- added support for HAVAL256, Whirlpool and Tiger
- $opt_b (-b) becomes bubble babble digest (used to be shaxxx bitsize)
- added (-w) for word digest based on pgp word digest
- bitsize can no longer be specified for sha1
- bitsize for shaxxx is now set based on algorithm requested
- documentation updates
0.3
- documentation and comments added
0.2
- rewrite
0.1
- proof-of-concept
- Add support for RIPEMD160
(http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html)
- Add support for TIGER
(http://www.cs.technion.ac.il/~biham/Reports/Tiger/)
Copyright 2003, Holt Sorenson, hso at nosneros dot net,
All Rights Reserved.
This program is licensed under the provisions of the
Artistic license available at:
http://www.opensource.org/licenses/artistic-license.php