|
In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. A hash function takes a long string (or 'message') of any length as input and produces a fixed length string as output, sometimes termed a message digest or a digital fingerprint. The German Lorenz cipher machine, used in World War II for encryption of very high-level general staff messages Cryptography (or cryptology; derived from Greek κÏυπτός kryptós hidden, and the verb γÏάφω gráfo write or λεγειν legein to speak) is the study of message secrecy. ...
A hash function [1] is a reproducible method of turning some kind of data into a (relatively) small number that may serve as a digital fingerprint of the data. ...
Security is everyone’s responsibility. ...
Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. ...
In telecommunication, the term data integrity has the following meanings: The condition that exists when data is unchanged from its source and has not been accidentally or maliciously modified, altered, or destroyed. ...
In computer programming and formal language theory, (and other branches of mathematics), a string is an ordered sequence of symbols. ...
In various standards and applications, the two most-commonly used hash functions are MD5 and SHA-1. Collisions have been found for MD5, and SHA-1 has proved to be much weaker than its design objective in 2005. SHA-256 has been advised as the viable replacement after that date. Image File history File links Hash_function_long. ...
Image File history File links Hash_function_long. ...
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. ...
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. ...
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
Overview Broadly speaking, a cryptographic hash function should behave as much as possible like a random function while still being deterministic and efficiently computable. In the mathematics of probability, a stochastic process can be thought of as a random function. ...
In computer science, a deterministic algorithm is an algorithm which, in informal terms, behaves predictably. ...
A cryptographic hash function is considered insecure if either of the following is computationally feasible:
- finding a (previously unseen) message that matches a given digest
- finding "collisions", wherein two different messages have the same message digest.
An attacker who can do either of these things might, for example, use them to substitute an unauthorized message for an authorized one. In computer science, a hash collision is a situation that occurs when two distinct inputs into a hash function produce identical outputs. ...
Ideally, it should not even be feasible to find two messages whose digests are substantially similar; nor would one want an attacker to be able to learn anything useful about a message given only its digest besides the digest itself. In cryptography, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity and availability of data). ...
Related algorithms Checksums and cyclic redundancy checks (CRCs) are quite distinct from cryptographic hash functions, and are used for different applications. If used for security, they are vulnerable to attack; for example, a CRC was used for message integrity in the WEP encryption standard, but an attack was readily discovered which exploited the linearity of the checksum specified. A checksum is a form of redundancy check, a simple way to protect the integrity of data by detecting errors in data that are sent through space (telecommunications) or time (storage). ...
A cyclic redundancy check (CRC) is a type of function that takes as input a data stream of any length and produces as output a value of a certain fixed size. ...
Wired Equivalent Privacy or Wireless Encryption Protocol (WEP) is a scheme to secure IEEE 802. ...
A message authentication code or MAC takes a message and a secret key and generates a "MAC tag", such that it is difficult for an attacker to generate a valid pair (message, tag) that doesn't match one they've already seen; they are used to prevent attackers forging messages, among other uses. Though it is sometimes referred to as a "keyed hash function", a MAC serves a very different purpose and has very different security properties than a cryptographic hash function; for example, it is not considered a flaw if it is easy for someone who knows the MAC key to generate two messages that have the same MAC. Hash functions can be used to create MAC functions; see for example HMAC. A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. ...
A keyed-hash message authentication code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. ...
Cryptographic properties There is no formal definition which captures all of the properties considered desirable for a cryptographic hash function. These properties below are generally considered prerequisites: - hash(m1) = hash(m2).
This property is implied by collision-resistance. In cryptography, a preimage attack on a cryptographic hash differs from a collision attack. ...
A one-way function is a function which is easy to calculate but hard to invert — it is difficult to calculate the input to the function given its output. ...
In cryptography, a preimage attack on a cryptographic hash differs from a collision attack. ...
- Collision-resistant: it should be hard to find two different messages m1 and m2 such that hash(m1) = hash(m2). Due to a possible birthday attack, this means the hash function output must be at least twice as large as what is required for preimage-resistance.
A hash function meeting these criteria may still have undesirable properties. For instance, most popular hash functions are vulnerable to length-extension attacks: given h(m) and len(m) but not m, by choosing a suitable m' an attacker can calculate h (m || m'), where || denotes concatenation. This property can be used to break naive authentication schemes based on hash functions. The HMAC construction works around these problems. A collision attack on a cryptographic hash tries to find two different inputs that will produce the same hash value, i. ...
A birthday attack is a type of cryptographic attack which exploits the mathematics behind the birthday paradox, making use of a space-time tradeoff. ...
Concatenation is a standard operation in computer programming languages (a subset of formal language theory). ...
A keyed-hash message authentication code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. ...
It is however, a common misconception that "one-wayness" of a cryptographic hash function means irreversibility of processing of the hash state, and that it somehow contradicts the principles used to construct block ciphers. Such "irreversibility" in fact means presence of local collisions that could facilitate attacks. The hash function must be a permutation processing its state bijectively to be cryptographically secure. It must be irreversible regarding the data block just like any block cipher must be irreversible regarding the key (it should be impossible to find the key that can encrypt a block A into a block B faster than the brute-force). This makes iterated block ciphers and hash functions processing blocks of the same size as secret keys of those block ciphers virtually identical, except the roles of key and data blocks are swapped. All the attacks against the MDx and SHA families of hash functions exploit local collisions in the processing of the data block. The local collisions caused by the final addition operation can also be exploited by these attacks.
Applications of hash functions A typical use of a cryptographic hash would be as follows: Alice poses to Bob a tough math problem and claims she has solved it. Bob would like to try it himself, but would yet like to be sure that Alice is not bluffing. Therefore, Alice writes down her solution, appends a random nonce, computes its hash and tells Bob the hash value (whilst keeping the solution and nonce secret). This way, when Bob comes up with the solution himself a few days later, Alice can prove that she had the solution earlier by revealing the nonce to Bob. (This is an example of a simple commitment scheme; in actual practice, Alice and Bob will often be computer programs, and the secret would be something less easily spoofed than a claimed puzzle solution). The names Alice and Bob are commonly used placeholders for archetypal characters in fields such as cryptography and physics. ...
In security engineering, a nonce is a number used once. ...
In cryptography, a commitment scheme or a bit commitment scheme is a method of sending hidden information such that it is verifiable in spite of possible later bias from either the sender or the receiver. ...
Another important application of secure hashes is verification of message integrity. Determination of whether or not any changes have been made to a message (or a file), for example, can be accomplished by comparing message digests calculated before, and after, transmission (or any other event). In telecommunication, the term data integrity has the following meanings: The condition that exists when data is unchanged from its source and has not been accidentally or maliciously modified, altered, or destroyed. ...
A computer file is a collection of information that is stored in a computer system and can be identified by its full path name. ...
A message digest can also serve as a means of reliably identifying a file; the Git source code management system uses the sha1sum of various types of content (file content, directory trees, ancestry information, etc) to uniquely identify them. Git is a distributed revision control / software configuration management project created by Linus Torvalds to manage software development of the Linux kernel. ...
In Information Technology and telecommunication, the term configuration management has the following meanings: [The] management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures and test documentation of an automated information system, throughout the development and operational life of a system. ...
sha1sum is a computer program which calculates and verifies SHA1 hashes. ...
A related application is password verification. Passwords are usually not stored in cleartext, for obvious reasons, but instead in digest form. To authenticate a user, the password presented by the user is hashed and compared with the stored hash. This is sometimes referred to as one-way encryption. A password is a form of secret authentication data that is used to control access to a resource. ...
In data communications, cleartext is the form of a message or data which is transferred or stored without cryptographic protection. ...
One-way encryption may refer to: One-way function Trapdoor one-way function Asymmetric encryption Cryptographic hash function Category: ...
For both security and performance reasons, most digital signature algorithms specify that only the digest of the message be "signed", not the entire message. Hash functions can also be used in the generation of pseudorandom bits. In cryptography, a digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. ...
A pseudo-random number is a number belonging to a sequence which appears to be random, but can in fact be generated by a finite computation. ...
SHA-1, MD5, and RIPEMD-160 are among the most commonly-used message digest algorithms as of 2005. In August 2004, researchers found weaknesses in a number of hash functions, including MD5, SHA-0 and RIPEMD. This has called into question the long-term security of later algorithms which are derived from these hash functions — in particular, SHA-1 (a strengthened version of SHA-0), RIPEMD-128, and RIPEMD-160 (both strengthened versions of RIPEMD). Neither SHA-0 nor RIPEMD are widely used since they were replaced by their strengthened versions. In February 2005, an attack on SHA-1 was reported, finding collisions in about 269 hashing operations, rather than the 280 expected for a 160-bit hash function. In August 2005, another attack on SHA-1 was reported, finding collisions in 263 operations. The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. ...
RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest) is a 160-bit message digest algorithm (and cryptographic hash function) developed in Europe by Hans Dobbertin, Antoon Bosselaers and Bart Preneel, and first published in 1996. ...
Hashes are used to identify files on peer-to-peer filesharing networks. For example, in an ed2k link, a MD4-variant hash is combined with the file size, providing sufficient information for locating file sources, downloading the file and verifying its contents. Magnet links are another example. Such file hashes are often the top hash of a hash list or a hash tree which allows for additional benefits. A peer-to-peer (or P2P) computer network is a network that relies on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively few servers. ...
File sharing is the activity of making files available to other users for download over the Internet, but also over smaller networks. ...
ed2k links are used by the eDonkey2000 family of P2P programs, such as eDonkey2000 itself, eMule, Hybrid, MLDonkey, and others. ...
MD4 is a message digest algorithm (the fourth in a series) designed by Professor Ronald Rivest of MIT in 1990. ...
In computer science, a hash list can mean any kind of list of hashes. ...
In computer science, hash trees, also known as Merkle (hash) trees or Tiger tree hashes, are an extension of the simpler concept hash list, which in turn is an extension of the old concept of hashing, for instance, a file. ...
Merkle-Damgård hash functions -
Main article: Merkle-Damgård construction
 The Merkle-Damgård hash construction. A hash function must be able to process an arbitrary-length message into a fixed-length output. This can be achieved by breaking the input up into a series of equal-sized blocks, and operating on them in sequence using a one-way compression function. The compression function can either be specially designed for hashing or be built from a block cipher. A hash function built with the Merkle-Damgård construction is as resistant to collisions as is its compression function; any collision for the full hash function can be traced back to a collision in the compression function. In cryptography, the Merkle-DamgÃ¥rd hash function is a generic construction of a cryptographic hash function. ...
Image File history File links This is a lossless scalable vector image. ...
Image File history File links This is a lossless scalable vector image. ...
In cryptography, a one-way compression function is a function that transforms two fixed length inputs to an output of the same size as one of the inputs. ...
The last block processed should also be unambiguously length padded; this is crucial to the security of this construction. This construction is called the Merkle-Damgård construction. Most widely used hash functions, including SHA-1 and MD5, take this form. In cryptography, padding is the practice of adding material of varying length to the plaintext of messages. ...
In cryptography, the Merkle-Damgård hash function is a generic construction of a cryptographic hash function. ...
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. ...
Hash functions based on block ciphers - Main article: One-way compression function
There are several methods to use a block cipher to build a cryptographic hash function. The methods resemble the block cipher modes of operation usually used for encryption. In cryptography, a one-way compression function is a function that transforms two fixed length inputs to an output of the same size as one of the inputs. ...
Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ...
In cryptography, a block cipher operates on blocks of fixed length, often 64 or 128 bits. ...
Using a block cipher to build the one-way compression function for a hash function is usually much slower than using a specially designed one-way compression function in the hash function. But, in some cases it is easier because a single implementation of a block cipher can be used for both block cipher and a hash function. It can also save code space in very tiny embedded systems like for instance smart cards or nodes in cars or other machines. It has been suggested that Embedded System Design in an FPGA be merged into this article or section. ...
Smart card used for health insurance in France. ...
In fact, all the existing hash functions are based either on block ciphers or on stream ciphers. MDx, SHA, Whirlpool, etc. can all be used as block ciphers without the final addition of the initial state to the output. Hash functions can be constructed based on stream ciphers as well (VEST), although certain properties are required for it to work - the stream cipher must be able to accept variable-length IVs and must process them bijectively.
Hash functions to build other cryptographic primitives Hash functions can be used to build other cryptographic primitives. For these other primitives to be cryptographically secure care has to be taken to build them the right way.
Message authentication codes (MACs) are often built from hash functions. HMAC is such a MAC. A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. ...
A keyed-hash message authentication code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. ...
Just as block ciphers can be used to build hash functions, hash functions can be used to build block ciphers. Examples of such block ciphers are SHACAL, BEAR and LION. Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ...
SHACAL-1 and SHACAL-2 are block ciphers based on cryptographic hash function from the SHA family. ...
The BEAR block cipher was invented by Ross Anderson and Eli Biham by combining a stream cipher and a cryptographic hash function. ...
The LION block cipher was invented by Ross Anderson and Eli Biham by combining a stream cipher and a cryptographic hash function. ...
Pseudorandom number generators (PRNGs) can be built using hash functions. This is done by combining a (secret) random seed with a counter and hashing it. If the counter is a bignum (allowed to count to any size) then the PRNG can have an infinite period. // A pseudorandom number generator (PRNG) is an algorithm that uses arithmetics to generate a sequence of numbers that approximate the properties of random numbers. ...
A bignum package in a computer or program allows internal representation of very large integers, rational numbers, decimal numbers, or floating-point numbers (limitted only by available memory), and provides a set of arithmetic operations on such numbers. ...
Stream ciphers can be built using hash functions. Often this is done by first building a cryptographically secure pseudorandom number generator and then using its stream of random bytes as keystream and XOR that onto the cleartext to get the ciphertext. SEAL is such a stream cipher which is based on SHA-1. The operation of A5/1, a LFSR-based stream cipher used to encrypt mobile phone conversations. ...
A cryptographically secure pseudo-random number generator (CSPRNG) is a pseudo-random number generator (PRNG) with properties that make it suitable for use in cryptography. ...
In cryptography, a keystream is a stream of random or pseudorandom characters that are combined with a cleartext message to produce an encrypted message (the ciphertext). ...
It has been suggested that XOR gate be merged into this article or section. ...
SEAL (Software-Optimized Encryption Algorithm) is a very fast stream cipher optimised for machines with a 32-bit word size and plenty of RAM. The first version was published by Phil Rogaway and Don Coppersmith in 1994. ...
The SHA (Secure Hash Algorithm) family is a set of related cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST). ...
Concatenated cryptographic hash functions It is often suggested that concatening multiple hash functions could produce a new hash function that is more secure than its component parts. For example, one might concatenate the output of SHA-1 and RIPEMD-160 to produce a new function H(x) = SHA-1(x) || RIPEMD-160(x). The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest) is a 160-bit message digest algorithm (and cryptographic hash function) developed in Europe by Hans Dobbertin, Antoon Bosselaers and Bart Preneel, and first published in 1996. ...
However, the new function is still no more secure than each of its component parts in isolation. Joux [1] noted that the iterative nature of cryptographic hash functions introduces a weakness. n-collisions (n different messages that hash to the same value) are effectively no more difficult to find than 2-collisions. If an n-collision can be found for RIPEMD, it is likely that amongst the n different messages there will be a collision in SHA-1. The time needed to find the SHA-1 collision is polynomial. This argument is summarized by Finney. In computational complexity theory, polynomial time refers to the computation time of a problem where the time, m(n), is no greater than a polynomial function of the problem size, n. ...
Concatenated hash functions are used within SSL and the Debian Advanced Packaging Tool system, both of which currently use concatenated MD5 and SHA-1 sums. This does not increase security, but provides redundancy in case one is broken: a valid reason for using multiple hash functions. SSL can mean more than one thing: Secure Sockets Layer, a communications protocol. ...
Debian is a project based around the development of a free, complete operating system through the collaboration of volunteers from around the world. ...
Advanced Packaging Tool, or APT, is a package management system used by Debian and its derivatives. ...
List of cryptographic hash functions Some of the following algorithms are known to be insecure; consult the article for each specific algorithm for more information on the status of each algorithm. For even more hash functions see the box at the bottom of the page. The SHA hash functions are a series of functions developed by the NSA: SHA, also known as SHA-0, SHA-1 and four flavours of a function known as SHA-2. HAVAL is a variable-length cryptographic hash function. ...
Message Digest Algorithm 2 (MD2) is a cryptographic hash function developed by Ronald Rivest in 1989. ...
MD4 is a message digest algorithm (the fourth in a series) designed by Professor Ronald Rivest of MIT in 1990. ...
In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. ...
Panama is a cryptographic primitive which can be used both as a hash function and a stream cipher. ...
RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest) is a 160-bit message digest algorithm (and cryptographic hash function) developed in Europe by Hans Dobbertin, Antoon Bosselaers and Bart Preneel, and first published in 1996. ...
RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest) is a 160-bit message digest algorithm (and cryptographic hash function) developed in Europe by Hans Dobbertin, Antoon Bosselaers and Bart Preneel, and first published in 1996. ...
RIPEMD-160 (RACE Integrity Primitives Evaluation Message Digest) is a 160-bit message digest algorithm (and cryptographic hash function) developed in Europe by Hans Dobbertin, Antoon Bosselaers and Bart Preneel, and first published in 1996. ...
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
In cryptography, Tiger is a cryptographic hash function designed by Ross Anderson and Eli Biham in 1996 with a view for efficiency on 64-bit platforms. ...
VEST (Very Efficient Substitution Transposition) ciphers are a set of families of general-purpose hardware-dedicated ciphers that support single pass authenticated encryption and can operate as collision-resistant hash functions. ...
VEST (Very Efficient Substitution Transposition) ciphers are a set of families of general-purpose hardware-dedicated ciphers that support single pass authenticated encryption and can operate as collision-resistant hash functions. ...
Saltstraumen whirlpool A whirlpool in a glass of water A whirlpool is a large, swirling body of water produced by ocean tides. ...
The SHA hash functions are five cryptographic hash functions designed by the National Security Agency (NSA) and published by the NIST as a U.S. Federal Information Processing Standard. ...
NSA can stand for: National Security Agency of the USA The British Librarys National Sound Archive This page concerning a three-letter acronym or abbreviation is a disambiguation page — a navigational aid which lists other pages that might otherwise share the same title. ...
Note: The internal state here means the "internal hash sum" after each compression of a data block. Most hash algorithms also internally use some additional variables such as length of the data compressed so far since that is needed for the length padding in the end. See the Merkle-Damgård construction for details. In cryptography, the Merkle-DamgÃ¥rd hash function is a generic construction of a cryptographic hash function. ...
Methods to make hashes of block ciphers See one-way compression function for details. In cryptography, a one-way compression function is a function that transforms two fixed length inputs to an output of the same size as one of the inputs. ...
- Davies-Meyer
- Matyas-Meyer-Oseas
- Miyaguchi-Preneel
- MDC-2
- MDC-4
See also This article is about cryptography; for other meanings, see snowball effect. ...
In cryptography, MD5CRK was a distributed effort (similar to distributed. ...
A cryptographic message authentication code (MAC) is a short piece of information used to authenticate a message. ...
A keyed-hash message authentication code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. ...
In Cryptography, CRHF stands for Collision Resisitant Hash Function. ...
Unsolved problems in Cryptography: How to construct UOWHF of higher orders efficiently? In cryptography a Universal One Way Hash Function (UOWHF), often pronounced woof, is a cryptographic hash function. ...
CRYPTREC is the Cryptography Research and Evaluation Committee set up by the Japanese Government to evaluate and recommend cryptographic techniques for government and industrial use. ...
NESSIE (New European Schemes for Signatures, Integrity and Encryption) was a European research project funded from 2000–2003 to identify secure cryptographic primitives. ...
In computer science, a hash list can mean any kind of list of hashes. ...
In computer science, hash trees, also known as Merkle (hash) trees or Tiger tree hashes, are an extension of the simpler concept hash list, which in turn is an extension of the old concept of hashing, for instance, a file. ...
It has been suggested that this article or section be merged with Biometric word list. ...
References - ^ Joux, Antoine. Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. LNCS 3152/2004, pages 306-316 Full text.
- ^ A. Joux and J-R. Reinhard, "Overtaking VEST" describes an attack that breaks ProVEST with a typo in the counter diffusor responsible for local collisions. VEST ciphers do not have that collision and therefore are not affected by this attack.
External links |
Feeds |
Contact