Summary
A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with a fixed size of bits) that has special properties desirable for a cryptographic application: the probability of a particular -bit output result (hash value) for a random input string ("message") is (as for any good hash), so the hash value can be used as a representative of the message; finding an input string that matches a given hash value (a pre-image) is unfeasible, assuming all input strings are equally likely. The resistance to such search is quantified as security strength, a cryptographic hash with bits of hash value is expected to have a preimage resistance strength of bits. However, if the space of possible inputs is significantly smaller than , or if it can be ordered by likelihood, then the hash value can serve as an oracle, allowing efficient search of the limited or ordered input space. A common example is the use of a standard fast hash function to obscure user passwords in storage. If an attacker can obtain the hashes of a set of passwords, they can test each hash value against lists of common passwords and all possible combinations of short passwords and typically recover a large fraction of the passwords themselves. See #Attacks on hashed passwords. A second preimage resistance strength, with the same expectations, refers to a similar problem of finding a second message that matches the given hash value when one message is already known; finding any pair of different messages that yield the same hash value (a collision) is also unfeasible, a cryptographic hash is expected to have a collision resistance strength of bits (lower due to the birthday paradox). Cryptographic hash functions have many information-security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption.
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.