The Cryptographic hash function reference article from the English Wikipedia on 24-Jul-2004 (provided by Fixed Reference: snapshots of Wikipedia from wikipedia.org)

Cryptographic hash function

In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. A hash function takes a long string (or message) of any length as input and produces a fixed length string as output. Here, the output is known as a message digest (sometimes called a digital fingerprint).

Loosely speaking, the security properties are intended to ensure that the digest looks "random" and does not leak any information about the message itself; and that other messages cannot be found that produce the same digest. Any change to the message, even of a single bit, will (in all probability) result in a dramatically different message digest when re-generated from the received message. A message digest algorithm is considered secure if it is not computationally feasible to determine the content of a message from its message digest, nor to find "collisions", wherein two different messages have the same message digest. In the first case, a message digest might be used to reconstruct a message which had been encrypted, thus defeating the encryption. In the second case, being able to find a different message which produces a given message digest allows substitution of messages by an attacker; this is a dangerous insecurity.

Note that checksums and Cyclic redundancy checks (CRCs) are quite distinct from cryptographic hash functions and are vulnerable to attack; for example, a CRC was used for message integrity in the WEP encryption standard, but an attack was found which exploited the linearity of the checksum.

Table of contents

1 Cryptographic properties 2 Applications of hash functions 3 List of cryptographic hash functions 4 See also 5 External links

Cryptographic properties

Mathematically, a cryptographic hash function is a hash function that is:

• Preimage resistant (one way): given h such that h = hash(m₁) it should be hard to find m₁.
• Second preimage resistant: given m₁ it should be hard to find m₂ ≠ m₁ such that hash(m₁) = hash(m₂).

Sometimes the function is also required to be:

• Collision-free: it should be hard to find two messages m₁ and m₂ such that hash(m₁) = hash(m₂). Because of the birthday paradox this means the hash function has to have a larger image than is required by being preimage-resistant.

Applications of hash functions

A typical use of a crytographic hash would be as follows: Alice poses to Bob a tough math problem and claims she has solved it. Bob would like to try it himself, but would yet like to be sure that Alice is not bluffing. Therefore, Alice writes down her solution, computes its hash and tells Bob the hash value (whilst keeping the solution secret). This way, when Bob comes up with the solution himself a few days later, Alice can verify his solution but still be able to prove that she had the solution earlier.

In actual practice, of course, Alice and Bob will often be computer programs, and the secret would be something less easily spoofed than a claimed puzzle solution. In cryptography, the above application is called timestamping. Another important application of secure hashes is verification of message integrity. Determination of whether or not any changes have been made to a file, for example, can be accomplished by comparing message digests calculated before, and after, transmission (or any other event) (see Tripwire). The message digest can also serve as a means of reliably identifying a file.

In order to increase speed, most digital signature algorithms specify that only the digest of the message be "signed." Message digests can also be used in the generation of pseudorandom bits, if they meet some additional, statistical, tests.

SHA-1, MD5, and RIPEMD-160 are among the most commonly-used message digest algorithms.

List of cryptographic hash functions

HAVAL, MD2, MD4, MD5, N-Hash, RIPEMD-160, SHA, Snefru, Tiger, Whirlpool

See also

• Avalanche effect
• Message Authentication Code
• Keyed-hash message authentication code
• CRYPTREC and NESSIE (for recommendations re message digest algorithms)

External links

• The Hash function lounge — a list of hash functions and known attacks
• A collection of links on the topic

This is the "Cryptographic hash function" reference article from the English Wikipedia. All text is available under the terms of the GNU Free Documentation License. See also our Disclaimer.