<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] ([padding]) in [Cryptography] and [Encoding] is used in [Algorithms] by adding [Padding bits] to reach a boundary. (usually an [Octet] boundary using [null] [{$pagename}])


When calculating H(secret + data), the string (secret + data) is padded with a '1' bit and some number of '0' bits, followed by the length of the string. That is, in hex, the padding is a 0x80 byte followed by some number of 0x00 bytes and then the length. The number of 0x00 bytes, the number of bytes reserved for the length, and the way the length is encoded, depends on the particular algorithm and blocksize.

With most [algorithms] (including [MD4], [MD5], RIPEMD-160, [SHA-0|SHA], [SHA-1], and [SHA-256]), the [message] is [{$pagename}] until its length is congruent to 56 [bytes] (mod 64). Or, to put it another way, it's padded until the length is 8 [bytes] less than a full (64-[byte]) block (the 8 [bytes] being size of the [encoded|Encoding] length field). There are two hashes implemented in hash_extender that don't use these values: [SHA-512] uses a 128-[byte] block size and reserves 16 bytes for the length field, and [WHIRLPOOL] uses a 64-byte block size and reserves 32 bytes for the length field.

The [Endian Ordering] of the length field is also important. [MD4], [MD5], and [RIPEMD-160] are [Little-Endian], whereas the [SHA] family and [WHIRLPOOL] are [Big-Endian].

!! [{$pagename}] [Hash Functions]
[Hash Functions] pad — by adding a 1 [bit], followed by a bunch of 0 [bits], then the length. So in bytes it looks like:
{{{\x80\x00\x00\x00 ... &lt;length&gt;}}}

!! [{$pagename}] [Block Ciphers]
[Block Ciphers] appear to use [PKCS7] for padding which says that the value to pad with is the number of bytes of padding that are required. So, if the blocksize is 8 [bytes] and we have the string &quot;ABC&quot;, it would be padded as:
{{{ABC\x05\x05\x05\x05\x05}}}
If we had &quot;ABCDEFG&quot;, with padding it would become:
{{{ABCDEFG\x01}}}

Additionally, if the string is a multiple of the blocksize, an empty [block] of only padding is appended. \\
This may sound weird — why use padding when you don't need it? — but it turns out that you couldn't otherwise distinguish, for [example], the string &quot;ABCDEFG\x01&quot; from &quot;ABCDEFG&quot; (the &quot;\x01&quot; at the end looks like padding, but in reality it's part of the [message]). \\
Therefore, &quot;ABCDEFGH&quot;, with padding, would become:
{{{ABCDEFGH\x08\x08\x08\x08\x08\x08\x08\x08}}}

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Everything you need to know about hash length extension attacks|https://blog.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks|target='_blank'] - based on information obtained 2018-08-28- 


























































































































































































</pre>