Cryptography A-Z

• Introduction to Cryptography
• Algorithms
  • Public Key Cryptosystems
  • Secret Key Cryptosystems
  • Cryptographic Hash Functions
  • Random Number Generators
• Protocols and Standards
• References
• Online Resources

Cryptographic Hash Functions

Cryptographic hash functions are used in various contexts, for example to compute the message digest when making a digital signature. A hash function compresses the bits of a message to a fixed-size hash value in a way that distributes the possible messages evenly among the possible hash values. A cryptographic hash function does this in
a way that makes it extremely difficult to come up with a message that would hash to a particular hash value. Some of the best known and most widely used hash functions are briefly described below.

• SHA-1 (Secure Hash Algorithm) (also SHS, Secure Hash Standard): This is a cryptographic hash algorithm published by the United States Government. It produces a 160 bit hash value from an arbitrary length string. SHA-1 is still considered adequately safe for practical applications, but stronger versions, SHA-256, SHA-384, and SHA-512, which produce 256-, 384-, and 512-bit hashes, respectively, are available and will replace SHA-1 as cryptological research on it advances.
  
  The official standard text can be found in FIPS PUB 180-1.
  
  
• RIPEMD-160 is a hash algorithm designed to replace MD4 and MD5 (see below). It produces a digest of 20 bytes (160 bits, hence the name) and has been placed in the public domain by its designers. The RIPEMD-160 homepage is at www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
  
  
  
• MD5 (Message Digest Algorithm 5) is a cryptographic hash algorithm developed at RSA Laboratories. It can be used to hash an arbitrary length byte string into a 128-bit value.
  
  MD5's ancestors, MD2 and MD4 have been broken, and there are some concerns about the safety of MD5 as well. In 1996 a collision of the MD5 compression function was found by Hans Dobbertin (Hans Dobbertin, FSE'96, LNCS 1039). Although this result does not directly compromise its security, as a precaution the use of MD5 is not recommended in new applications.
  
  
  
• Badger (CryptiCore) is a recent message authentication code which was first presented at the Applied Cryptography and Network Security Conference (ACNS) in 2005. It uses universal hashing as its design principle, allowing for a rigorous proof of its security under randomness assumptions for the keys. In addition, it uses some novel ways of combining the ingredients to make it one of the fastest known MAC algorithms. Bagder was developed by Cryptico and a detailed description as well as security analysis is available from Cryptico's web site.