SHA Hashing in Java

In this section, we are going to learn what is SHA Hashing, where and how it is used in the Java programming language. We are going to see examples of SHA hashing in Java to understand the in-depth usage of SHA hashing in the Java programming language.

What is SHA Hashing?

The "Secure Hash Algorithm" is widely known as SHA. The Secure Hash Algorithm is a cryptographic hash function. A cryptographic hash function is an algorithm that randomly takes data as input without a specific reason and produces an output of text in a coded form called "Hash value". The coded text will be stored instead of the password that is used to verify the user, and this enciphered text is used to verify the user instead of the password. The SHA is also a non-reversible function similar to other cryptographic hash functions. SHA can be used to create a text signature by taking input of 20 bytes long maximum. The Secure Hash Function returns a 40-digit hexadecimal hash value as its output. Even the smallest changes in the input can make a big difference in the coded text output. The phenomenon is called the avalanche effect. The avalanche effect helps in securing the user data from attackers as it makes the decrypting of code difficult.

Types of SHA

There are several different forms of the Secure Hashing Algorithm. The following forms of SHA are mentioned below:

SHA-1
SHA-2
SHA-256
SHA-512
SHA-224
SHA-384

There are many more forms of SHA that are being used in the programming world, but then, in reality, there are only two types of SHA they are SHA-1 and SHA-2. The other forms of SHA are just versions of SHA-2 that note different bit lengths of SHA-2 while enciphering the texts. SHA-1 used to be the original form of the Secure Hash Algorithm as it produced a 160-bit message digest as the output. As the SHA-1 was used to give the same digest value to two different values, the number of combinations produced with 160 bits was small. This made the SHA-1 brute forced by the attackers and could be cracked easily. Due to this failure of SHA-1, a new form of Secure Hash Algorithm "SHA-2" is introduced. It produces various bit lengths ranging from 256 to 512 and also assigns a unique value to every message digest.

Next Generation of Hashing

At present, SHA-2 is used in the industrial grade for secure hashing algorithms. SHA-3 was also released by the Creators of SHA-1 and SHA-2. The American-based organization " NIST " is the creator and publisher of the secure hashing algorithms SHA-1, SHA-2 and SHA-3. The software of SHA-3 is much slower than the previous versions of SHA, but the hardware of SHA-3 is faster when compared with SHA-1 and SHA-2. Though released in 2015, SHA-3 is not made the industrial grade yet, but we will likely see SHA-3 grow in the future.

Usage of SHA in Java

The Secure Hash Algorithms are used in digital signatures and their related certificates to establish a secure connection between the web server and its clients using explicit or implicit connections like SSL and TSL cryptographic protocols. Various applications also utilize SHA. They are:

Secure Shell Protocol (SSH) applications.
Secure Multipurpose Internet Mail Extensions (S-MIME)
Intrusion Prevention System (IPS)

SHAs are also used to used for hashing passwords of web servers so that the server has to remember only the Hashes. The technique of hashing the passwords prevents the attackers from having direct access to plain text passwords as he/she can only view the hashes that are stored in the database. So as mentioned above, we use the Secure Hash Algorithms to protect several applications, web servers and files from attackers.

Implementing SHA in Java

To begin using SHA in Java, the "java.security" package must be imported into the program. After importing the above package into a Java program, the "MessageDigest" class is used in Java for calculating the value of cryptographic hash functions. The Secure Hash Algorithms are always initiated in a static method called "getInstance()". a preferred SHA form must be selected after the initiation to calculate the message digest. The results return a byte array value after the message digest is calculated. The byte array is converted into its sign form by using a " BigInteger " class. At last, the sign form is turned into a hexadecimal format, which is our required hash value, i.e., message digest.

SHA Hashing Java Program

ShaExample.java

import Java.math.BigInteger;
import Java.nio.charset.StandardCharsets;
import Java.security.MessageDigest;
import Java.security.NoSuchAlgorithmException;

// This is a Java program to determine the usage of SHA Hashing.

class ShaExample {
    public static byte[] getSHA(String input) throws      NoSuchAlgorithmException {
 // The Static method " getInstance() " is called to initiate hashing with SHA
        MessageDigest md = MessageDigest.getInstance("SHA-256");

        // The static method called in the JAVA program
        // for calculating the message digest of a given input
        // and results in an array of byte
        return md.digest(input.getBytes(StandardCharsets.UTF_8));
    }

    public static String toHexString(byte[] hash) {
        // calling the " BigInteger " function in JAVA programming language.
        BigInteger number = new BigInteger(1, hash);

        // Converting the message digest into a Hexa decimal value.
        StringBuilder hexString = new StringBuilder(number.toString(16));

        while (hexString.length() < 64) {
            hexString.insert(0, '0');
        }

        return hexString.toString();
    }

    // Main code containing the plain text to be converted.
    public static void main(String args[]) {
        try {
            System.out.println("This is the message digest for the plain text:");

            String str1 = "Hey human";
            System.out.println("\n" + str1 + " : " + toHexString(getSHA(str1)));

            String str2 = "This is hashing";
            System.out.println("\n" + str2 + " : " + toHexString(getSHA(str2)));

            String str3 = "tut12kf4";
            System.out.println("\n" + str3 + " : " + toHexString(getSHA(str3)));
        }
        // using the catch keyword for determining the wrong message digest algorithms
        catch (NoSuchAlgorithmException e) {
            System.out.println("The Exception for wrong hashing algorithm: " + e);
        }
    }
}

Output:

This is the message digest for the plain text:

Hey human : 754697281d62ffac5ce4427a460264d0115cf8ee16d40c12b78b0df9b12ee241

This is hashing : 701236e5f9fc7fb98ad1bafd2747ce7f9ca01a800afefdbd2b5de815a19c1630

tut12kf4 : fcef32b24015f0297781ea8034dbcbb6a7800e46f2cf7366526e4867a10092aa

In the above example program, we used the SHA-256 algorithm for hashing the given plain text. SHA-256 is a version of the SHA-2 algorithm. We can observe the hash code of the input plain text in the output.

Conclusion

In this article, we have learnt about SHA hashing in detail. We have seen the different forms of SHA and their uses in the technical industry. Also, we discussed the future of SHA hashing and the implementation of SHA hashing at the industry level.

Next TopicHow to make Java projects

← prev next →