SHA-256 Explained by AI

There are no stupid questions, at least in my world. Today I’m asking AI to explain to me how SHA-256 works. It’s a hash function turning digital data into a fingerprint. While I’m catching up on some knowledge, I’m sharing it with you. Read on.

Image by DALL-E x me (here is my Instagram)

Prompt: Tell me about SHA 256.

SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function that takes an input (or ‘message’) and returns a fixed-size string of characters, which is a ‘digest’ that is unique to the unique values of the input. It is considered to be a one-way function, as it is computationally infeasible to generate the original input from the digest. It is widely used for various security purposes, such as digital signatures, message authentication codes (MACs), and other applications that require data integrity and authenticity.

Prompt: If it’s a one way function, how can the computer know what the hash means?

The computer does not need to ‘know’ what the hash means, it just needs to be able to generate a hash for a given input and verify that a given hash corresponds to a specific input. The one-way property of the hash function ensures that given the hash output, it is computationally infeasible to determine the original input. When a hash is used for authentication or other security purposes, the original input is hashed and the resulting digest is stored. Later, when authentication is required, the input is hashed again and the resulting digest is compared to the stored digest. If they match, the input is considered authentic. The hash function’s one-way property ensures that even if an attacker obtains the hash, they cannot determine the original input.

Prompt: Give me an example of a SHA 256 hash.

Here’s an example of a SHA-256 hash:

Input message: “Hello World”

SHA-256 Hash: 7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069

Please note that this is just one example of a SHA-256 hash, and the hash of the same message may be different on different systems, or if different hash functions are used. The purpose of a hash function is to produce a unique and fixed-size output for a given input, so even small changes to the input will result in a completely different hash.

Prompt: Are there any two identical hashes?

It is extremely unlikely for two different inputs to produce the same hash output, known as a hash collision. The hash functions used in cryptography, including SHA-256, are designed to have a very low probability of hash collisions. In practice, finding two different inputs that produce the same hash is considered to be computationally infeasible, even with the most advanced computing systems available.

However, it is important to note that hash collisions are a well-known problem in cryptography, and as such, hash functions are continuously being improved and updated to address any potential weaknesses. Additionally, larger hash outputs, such as SHA-512 or SHA-3, provide an even lower probability of hash collisions.

Prompt: How many characters are in a SHA 256 hash? How many possible combinations of characters can be generated from it?

A SHA-256 hash is a 64-character string of hexadecimal characters (0–9 and a-f). Each character can have 16 different values (0–9 and a-f), so the total number of possible combinations of characters in a SHA-256 hash is 16⁶⁴, which is a very large number.

To give you some perspective, the number of possible combinations in a SHA-256 hash is approximately 10⁷⁷, which is a number with 77 zeros after it. This makes it computationally infeasible to find two different inputs that produce the same hash by brute force or other means.

Prompt: Why just a-f and not the whole alphabet?

The characters used in a SHA-256 hash are hexadecimal characters, meaning they consist of the decimal digits (0–9) and the first six letters of the alphabet (a-f). This choice of characters was made for a few reasons:

1. Simplicity: Using only 16 characters instead of 26 makes it easier to represent the hash output as a string of characters, as well as to compare hash values for equality.
2. Compact representation: Using hexadecimal characters allows for a more compact representation of binary data, as each hexadecimal character represents 4 bits of binary data.
3. Ease of use: Hexadecimal characters are easy to work with in programming and are widely used in computer science and engineering.
4. These advantages make hexadecimal characters a good choice for representing the output of hash functions like SHA-256.

Image by DALL-E x me (here is my Instagram)

Prompt: If I make an NFT, the digital artwork is also hashed. Correct?

Yes, that is correct. NFTs (Non-Fungible Tokens) are digital assets that are unique and indivisible, and their authenticity and ownership are tracked on a blockchain. The digital artwork associated with an NFT is typically stored as a hash on the blockchain, rather than as the original digital file. This hash serves as a fingerprint of the digital artwork and allows for the integrity of the artwork to be verified and its ownership to be tracked. The hash of the digital artwork is typically generated using a cryptographic hash function, such as SHA-256, and the resulting digest is stored on the blockchain as part of the NFT’s data.

Prompt: Can the digital artwork be reconstructed from a hash?

No, the digital artwork cannot be reconstructed from the hash alone. Cryptographic hash functions are designed to be one-way, meaning that it is computationally infeasible to determine the original input from the output hash. The hash serves as a unique ‘fingerprint’ of the digital artwork, but does not contain the actual data of the artwork. To access the digital artwork, you would need access to the original digital file, which is not stored on the blockchain. The hash on the blockchain serves to verify the integrity and authenticity of the digital artwork, but cannot be used to recreate the original artwork.

Image by DALL-E x me (here is my Instagram)

Prompt: Where is the artwork stored then?

The original digital artwork is typically stored on a centralized server or a decentralized storage network, such as IPFS (InterPlanetary File System). The hash of the artwork, along with information about its ownership and other relevant data, is stored on a blockchain as part of an NFT. When someone wants to view or use the artwork, they can retrieve it from the location where it is stored using the information stored on the blockchain. The hash stored on the blockchain serves as a means of verifying the integrity of the artwork and ensuring that it has not been tampered with or altered in any way.

Prompt: Back to SHA-256: How does the encryption work exactly?

SHA-256 is a cryptographic hash function, not an encryption algorithm. It does not provide confidentiality, but rather it is used for generating a digest or ‘fingerprint’ of a given input (often referred to as a message or data). The basic idea behind a hash function is to take an input, perform a series of mathematical operations on it, and produce a fixed-size string of characters as output. The output, or hash, is unique to the input, meaning that even a small change in the input will result in a completely different hash.

The specific operations performed by SHA-256 are designed to be complex and irreversible, making it computationally infeasible to generate the original input from the hash. When a message is hashed, the resulting hash is used as a digital signature or for other security-related purposes, such as message authentication or data integrity.

To summarize, the process of SHA-256 encryption works as follows:

1. The input message is processed in blocks of a fixed size (512 bits)
2. The message is padded so that its length is a multiple of 512 bits
3. A series of logical operations, including bitwise operations and modular arithmetic, are performed on the padded message
4. The result of these operations is a fixed-size string of characters, or the hash digest, that is unique to the input message.

Prompt: What does “the message is padded” mean?

“Padding the message” refers to adding extra data to the input message so that its length is a multiple of a fixed size, which is required for the SHA-256 algorithm to operate correctly. The length of the input message may not necessarily be a multiple of the fixed block size (512 bits), so the message must be padded to ensure that it can be processed correctly by the algorithm.

The padding process typically involves adding extra bits to the end of the message until its length is a multiple of the block size. The padding may also include a number that indicates the original length of the message. The purpose of the padding is to ensure that even small changes in the input message result in completely different hashes, making it computationally infeasible to generate the original message from the hash.

Prompt: What does “hashing” mean? Give me a concise definition.

Hashing is the process of transforming an input, or ‘message’, into a fixed-size string of characters, or ‘hash’, using a mathematical function. The output hash serves as a digital fingerprint of the input, and even a small change in the input will result in a completely different hash. Hashing is commonly used for verifying the integrity of data, such as checking that a file has not been altered during transmission, as well as for other security-related purposes such as password storage and digital signatures. The hash function used for hashing is designed to be computationally infeasible to invert, meaning that it is not possible to determine the original input from the output hash.

Image by DALL-E x me (here is my Instagram)

Prompt: Why do we need digital fingerprints?

Digital fingerprints, or hashes, serve as a means of verifying the integrity and authenticity of digital data. They are used for a variety of security-related purposes, including:

1. Data integrity verification: Hashes are used to ensure that digital data has not been altered or tampered with during transmission or storage. The recipient can calculate the hash of the received data and compare it to the original hash to ensure that the data has not been changed.
2. Password storage: Hashes are commonly used to store passwords securely. Instead of storing the password in plain text, a hash of the password is stored, and the original password is verified by re-hashing the user-provided password and comparing it to the stored hash.
3. Digital signatures: Hashes are used to sign digital messages or documents to ensure that the message has not been altered and to verify the identity of the sender. The sender calculates the hash of the message, encrypts the hash with their private key, and appends the encrypted hash to the message. The recipient can then verify the signature by using the sender’s public key to decrypt the hash, and comparing the decrypted hash to the hash calculated from the received message.
4. Blockchain transactions: Hashes are used in blockchain technology to create a permanent and tamper-proof record of transactions. Each block in the blockchain contains a hash of the previous block, forming a chain of hashes that ensures that any changes to previous blocks would be detected.

These are just a few examples of why digital fingerprints are used. In general, they provide a way to verify the integrity and authenticity of digital data in a secure and efficient manner.

Prompt: Thank you for this informative interview.

You’re welcome! I’m glad I could help. If you have any other questions, feel free to ask.