Design of SHA-256

SHA-256 has the input message size < 264-bits. Block size is 512-bits, and it has a word size of 32-bits. The output is a 256-bit digest.

The compression function processes a 512-bit message block and a 256-bit intermediate hash value. There are two main components of this function: the compression function and a message schedule.

The algorithm works as follows, in eight steps:

1. Preprocessing:

1. 1. Padding of the message is used to adjust the length of a block to 512-bits if it is smaller than the required block size of 512-bits.
   2. Parsing the message into message blocks, which ensures that the message and its padding is divided into equal blocks of 512-bits.
   3. Setting up the initial hash value, which consists of the eight 32-bit words obtained by taking the first 32-bits of the fractional parts of the square roots of the first eight prime numbers. These initial values are randomly chosen to initialize the process, and they provide a level of confidence that no backdoor exists in the algorithm.

1. Hash computation:

1. 1. Each message block is then processed in a sequence, and it requires 64 rounds to compute the full hash output. Each round uses slightly different constants to ensure that no two rounds are the same.
   2. The message schedule is prepared.
   3. Eight working variables are initialized.
   4. The intermediate hash value is calculated.
   5. Finally, the message is processed, and the output hash is produced:

In the preceding diagram, a, b, c, d, e, f, g, and h are the registers. Maj and Ch are applied bitwise. ∑₀ and ∑₁ performs bitwise rotation. Round constants are W_j and K_j, which are added, mod 232.