Improved MSHA-1 algorithm with mixing method

Received Mar 13, 2020 Revised Apr 29, 2021 Accepted May 24, 2021 Recently, a modified SHA-1 (MSHA-1) has been proposed and claimed to have better security performance over SHA-1. However, the study showed that MSHA-1 hashing time performance was slower. In this research, an improved version of MSHA-1 was analyzed using avalanche effect and hashing time as performance measure applying 160-bit output and the mixing method to improve the diffusion rate. The diffusion results showed the improvement in the avalanche effect of the improved MSHA-1 algorithm by 51.88%, which is higher than the 50% standard to be considered secured. MSHA-1 attained 50.53% avalanche effect while SHA1 achieved only 47.03% thereby showing that the improved MSHA-1 performed better security performance by having an improvement of 9.00% over the original SHA-1 and 3.00% over MSHA-1. The improvement was also tested using 500 random string for ten trials. The improved MSHA-1 has better hashing time performance as indicated by 31.03% improvement. Hash test program has been used to test the effectiveness of the algorithm by producing 1000 hashes from random input strings and showed zero (0) duplicate hashes.


INTRODUCTION
Cryptographic hash algorithms perform a major part in information security-it is a basis for a secure network which includes checking of data integrity [1], [4]. Hash algorithms are used in ensuring data integrity [5]. In hashing, a single bit of change from the input shall produce an entirely different hash output value [6]. A probability of 50% is the most ideal result in considering a change in the hash output, also known as the avalanche effect, but a higher value signifies higher efficiency of the technique [7]. The message digest or hash value produced by a hash function provides an assurance that the data during transmission will not be altered, because it is computationally infeasible for two distinct messages to have equal hash value [8], [9]. The hash value is the condensed representation of the message and acts as a digital fingerprint of the message, in which only one hash value should be associated with the message [8]. If the hash values differ, the integrity of the message is compromised. Hash is typically applied as integrity verification of password protection, security in protocols, file transmission, tamper detection, and digital signature [10], [11].

2145
SHA-1 algorithm is fast and has 160-bit output [14] and it is commonly used hash algorithm in different applications, and is as follows: PGP, SSL/TLS, Digital Signatures, and SSH [1], [15] because of its robustness and time efficiency [16]. In 2017, 21% of websites were recorded that SHA1 is still using for the signing of a website's certificate [17]. The SHA-1 with 160-bit hash value is widely used for file fingerprint and verification [18]. SHA-1 is considered simple, fast and the most widely used hash algorithm [11] because of robustness and time efficiency. However, it suffers from some unexpected weaknesses in the internal function and has a low avalanche effect [1], [19]- [21] thus leading to compromised data integrity. Thus, the modification of the hash function is essential in order to achieve higher avalanche effect diffusion [19], [22], [23]. Enhancements on SHA-1 were made to have better diffusion [24]- [25] but the simulation of results did not show the avalanche effect or have shown lower avalanche effect. The addition of MD5 hash to SHA-1 was also studied [22] but this approach has become suspect since MD5 has been completely broken [26]- [27]. Another study enhanced SHA-1 by modifying the message digest to increase the avalanche effect, but results revealed an avalanche effect that is lower than the ideal standard of 50% and has not included the actual messages used [28]. Another study has enhanced and modified the SHA-1 algorithm (MSHA-1). The study increased the hash value by adding 32-bit and modified the internal function in attaining better diffusion. Testing showed better diffusion, but hashing time of MSHA-1 was slower by 312.50% [29].
This study improves the MSHA-1 by modifying the output bits from 192-bit to 160-bit, with the purpose of improving the hashing time and keeping the mixing method in the compression function. The specific objectives were as follows: To determine the avalanche effect of the hashing algorithm with 160-bit output and mixing method; to evaluate the improvement of enhanced MSHA-1 over the MSHA-1 in terms of avalanche effect; to compare the performance of improved MSHA-1 against the MSHA-1 in terms of hashing time; to test the effectiveness of the improved MSHA-1 by using a hash test program. The main contribution of this work is beneficial to other researchers, because the improvement made on the MSHA1 by modifying the output 192-bit to 160-bit and the increase of avalanche effect of the improved MSHA-1, therefore when used as the hashing mechanism in their chosen application, will increase security and hashing time performance.

RESEARCH METHOD 2.1. Modification of MSHA-1 algorithm design
a. Modification on MSHA-1 was incorporated and described in detail below. The improved MSHA-1 160bit hash value with the mixing method The modification on MSHA-1. The working 32-bit variables A, B, C, D, E were used to produced 160-bit hash value, and the mixing method is used in every round to the compression function. This method will accept input from variables A, C, and D, and will have a new value to the output variables A', C', and D', as shown in Figure 1. The length in multiple of 512 bits is the padded message. Number one (1) followed by zero (0) bit was added to the original message, and zero (0) number will depend on the message's original length. The binary representation of the original message's length is the last 64 bits of the previous 512-bit block. − The constants and functions: The Key0, Key1, Key2 … Key79 and logical functions funct0, funct1 to funct79 were used as constant words, and each funct, 0 ≤ t ≤ 79, the operation of three (3) 32-bit words and the output is 32-bit word. The functions and the constants used is shown as: (H5 + E) ^ nb, f. The algorithm will produce 160-bit hash value.

Testing 2.2.1. Avalanche effect with the use of mixing method
The MSHA-1 algorithm was modified using visual basic for applications (VBA). From here, the modifications were inserted. Different message sets were considered during the evaluation of improved MSHA-1. From these different message sets, the avalanche test was performed. Avalanche effect computation is shown in (1) and (2).
2.2.2. Improvement of modified SHA-1 over SHA-1 using different message sets a. Message sets For performance analysis, the study considered different message sets during the testing. Description of the various message sets was as follows: Message set 1: message input of 1-bit change. First message: "@AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAA". Second message: "CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA" [22]. Message set 2: Difference in only a few bits using the 64-character message set. Dissimilar characters were inserted at the 1st, 33 rd , and 64 th as shown in Table 1 [30]. Message set 3: Input 1:"abc123_owlstead_1255" and Input 2 "abc123_owlstead_59131" [31]. Message set 4: length differences as input [32], The message pattern was as follows: "a", "a a" and "a a a". The message pattern was shown in Table 2.  a a a a a a a a a a a a a a a a a a a a a a  24  a a a a a a a a a a a a a a a a a a a a a a a   The average avalanche effect of the improved MSHA-1 was compared to MSHA-1 and original SHA-1 using the different message sets. The experimental design was shown in Table 4. For each type of message, the avalanche percentage was computed for improved MSHA-1, MSHA-1, original SHA-1. The percentage of improvement was also calculated to show a comparison in percentage. To calculate the percentage of change, the following formula is:

Performance of improved MSHA-1 over MSHA-1 in terms of hashing time
Hashing time was also recorded using 500 random strings for ten trials (n=10). The average time was computed in milliseconds.

Avalanche effect improved MSHA-1 160-bit hash value
The avalanche effect was computed using different message sets. The results were shown in Figure 2. The avalanche effect average of three algorithms. The results showed that the improved MSHA-1 was higher than the 50% ideal value by having 51.88%. The increase in the avalanched effect was due to the improvement and modification made.  Table 5 shows the avalanche percentage of the different message sets. For message type one, the improved MSHA-1 achieved 51.88%, while MSHA1 obtained 51.56%, and SHA-1 got 45.63%, as seen in Table 4. For message type two, the avalanche effect of the improve MSHA-1 acquired 50.49%, while MSHA-1 attained 50.09%, and SHA-1 got 48.37%. For message three, the improved MSHA-1 achieved  The hash function test program was used to test the effectiveness of the improved MSHA-1, as shown in Figure 3 [34]. The function will count the duplicate hash values of the one thousand inputted hashes that have been produced by the improved MHSA-1. Based on the output, it was clearly shown that there were no duplicates hash values found from the hash values produced by the improved MSHA-1 algorithm.

Performance of MSHA-1 vs SHA-1 in terms of hashing time
Hashing time was also recorded using 500 random strings for ten trials (n=10). The average time was computed in milliseconds. Figure 4 shows the average hashing time of the improved MSHA-1 and MSHA-1. The time difference of the improved MSHA-1 and MSHA-1 was computed using 500 random strings as a message set. Time was noted for ten trials, as shown in Table 6. The average time noted for improved MSHA-1 was 878.85ms, while MSHA-1 was 1151.52ms. The hashing time of improved MSHA-1 has better hashing time performance, as indicated by a 31.03% improvement.

CONCLUSION
From the summary of findings and results presented in the previous section, the following can be concluded that improved MSHA-1 with 160-bit hash value and using the mixing method resulted in an avalanche effect of 51.88%. Compared to the original SHA-1 and MSHA-1, the improved MSHA-1 performed better by having an avalanche effect improvement of 9.00 % over the SHA-1 and 3% over MSHA-1. Compared to the MSHA-1, the hashing time of improved MSHA-1 has a better performance by having a 31.03% improvement. The improved MSHA-1 showed no duplicates using the hash test program. These results show that the modification and improvement made on the MSHA-1 algorithm enhanced security and improved the hashing time performance. As an offshoot of this study, further researches may be undertaken by modifying MSHA-1 hash through lessening the number of rounds to improve more the hashing time performance.