# Cryptographic Hash Function

May 20, 2023

A cryptographic hash function is a type of algorithm that takes input data of any size and produces an output of fixed size, known as a hash value, hash code, or message digest. The primary purpose of a cryptographic hash function is to ensure data integrity and provide a secure way to verify the authenticity of data. They are widely used in various applications, including digital signatures, password storage, data comparison, and message authentication.

## Purpose and Usage

The purpose of a cryptographic hash function is to generate a unique, fixed-size signature for a piece of data, with the following characteristics:

• Uniqueness: The probability of two different inputs producing the same hash value should be extremely low (ideally, close to zero).
• Determinism: The same input should always produce the same output.
• Irreversibility: It should be computationally infeasible to derive the original input data from its hash value.
• Sensitivity to input changes: A small change in the input data should result in a vastly different hash value.

Cryptographic hash functions are used in a wide range of applications that require data integrity and authenticity, such as:

• Digital Signatures: A digital signature is a mathematical scheme that provides authentication of digital messages or documents. It involves using a private key to sign a message and a public key to verify the authenticity of the signature. Cryptographic hash functions are used to create digital signatures that are unique to the message being signed, making it impossible for anyone to modify the message without invalidating the signature.
• Data Comparison: Hash functions can be used to compare large sets of data quickly, as comparing the hash values of two sets of data is much faster than comparing the data itself. This is useful in applications such as data synchronization and file sharing, where it is important to ensure that the transferred data matches the original data.
• Message Authentication: Cryptographic hash functions can be used to provide message authentication, which involves ensuring that a message has not been modified or tampered with during transmission. A hash of the message is generated before transmission, and the receiver can verify the hash value to ensure that the message has not been altered.

## Types of Cryptographic Hash Functions

There are several types of cryptographic hash functions, each with its unique characteristics and strengths.

### MD5

The MD5 (Message Digest 5) algorithm was developed in 1991 by Ronald Rivest as a successor to the MD4 algorithm. It produces a 128-bit hash value and is widely used for checksums and data integrity checks. However, due to its susceptibility to collision attacks, it is no longer considered a secure hash function for cryptographic purposes.

### SHA-1

The SHA-1 (Secure Hash Algorithm 1) algorithm was developed by the National Security Agency (NSA) in 1995 and produces a 160-bit hash value. It was widely used in various applications, including SSL/TLS certificates, but its security has been compromised, and it is now considered insecure.

### SHA-2

The SHA-2 (Secure Hash Algorithm 2) family of algorithms was also developed by the NSA, and it includes several hash functions, including SHA-224, SHA-256, SHA-384, and SHA-512, which produce hash values of 224, 256, 384, and 512 bits, respectively. SHA-2 is widely used in various applications, including SSL/TLS certificates, file integrity checks, and digital signatures.

### SHA-3

The SHA-3 (Secure Hash Algorithm 3) algorithm was selected as the winner of the NIST hash function competition in 2012, and it produces hash values of 224, 256, 384, and 512 bits. It is designed to be more secure and efficient than SHA-2 and is recommended for new applications that require cryptographic hash functions.

## Hash Function Properties

Cryptographic hash functions should meet specific criteria to be considered secure. The following are some essential properties that a hash function should have:

### Pre-Image Resistance

A secure hash function should be resistant to pre-image attacks, which means that it should be computationally infeasible to find an input that produces a given hash value. In other words, given a hash value, it should be challenging to find the input data that resulted in that hash value.

### Second Pre-Image Resistance

A secure hash function should also be resistant to second pre-image attacks, which means that it should be challenging to find another input that produces the same hash value as a given input. In other words, if an attacker has a hash value of a specific input, they should find it challenging to find another input that produces the same hash value.

### Collision Resistance

A secure hash function should also be collision-resistant, which means that it should be computationally infeasible to find two different input values that produce the same hash value. In other words, it should be challenging to find two different inputs that have the same hash value.

### Avalanche Effect

A secure hash function should exhibit the avalanche effect, where a small change in the input data should result in a significant change in the hash value. In other words, if two inputs differ by only one bit, the resulting hash values should be vastly different.

## Attacks on Cryptographic Hash Functions

Cryptographic hash functions are susceptible to various attacks, including collision attacks, pre-image attacks, and length extension attacks. The following are some common attacks on cryptographic hash functions.

### Collision Attacks

Collision attacks involve finding two different input values that produce the same hash value. These attacks are a severe threat to the security of hash functions because they allow an attacker to create malicious data that has the same hash value as legitimate data. Collision attacks are more severe for hash functions with smaller output sizes, such as MD5 and SHA-1.

### Pre-Image Attacks

Pre-image attacks involve finding an input message that produces a specific hash value. These attacks are a threat to the confidentiality of data because they allow an attacker to determine the original message from its hash value.

### Length Extension Attacks

Length extension attacks involve extending a message without knowing the secret key used to generate its hash value. These attacks are a threat to the integrity of data because they allow an attacker to modify a message without changing its hash value.