Cryptographic hash function
A cryptographic hash function or cryptographic hash function is a special type of hash function which is collision-resistant, or a one-way function ( or both).
A hash function is a function that maps a string of arbitrary length to a string of fixed length. Mathematically, this function is not injective (left clearly ) and do not necessarily surjective (right total).
Applications of cryptographic hash functions are primarily data processing, for the integrity examination of files or messages. In addition, they are used for concealment of password files, as data on digital signatures, as a pseudo - random number generators, or for the construction of block ciphers.
- 3.1 Black- Box Attacks
- 3.2 Attacks on the compression function
- 3.3 attacks on the block cipher
Classification
Cryptologic hash functions are divided into keyless and key-dependent.
- Keyless hash functions (short hash functions ) can be further divided into one-way hash functions (English: One- Way Hash Function or OWHF ) and collision- resistant hash functions (English: Collision Resistant Hash Functions, CRHFs ).
- Key -dependent hash functions are also called message authentication code (MAC ). These include constructs such as HMAC, CBC-MAC or UMAC.
A OWHF meets the following conditions:
For additional CRHF applies:
One can also confer resistance to near- collision ask (English: near -collision resistance). It should be difficult to find two distinct inputs and differ their hash values and in only a few bits.
Construction
Most hash functions follow the Merkle - Damgård construction and are iterated compression functions. A compression function takes as input two bit strings of length and gives a bit string of length out. In addition, she is a one-way function, so it should be hard to find for a given output matching input values. Often a block cipher is used as a compression function, the inputs are then used as a message and key.
In Merkle Damgård design the message input M is first divided into blocks of fixed length and filled with an additional bit, so that the input length is an integer multiple of the block length. The compression function has as input a message block and the output of the previous message blocks. The hash of the entire message is the hash value of the last block:
IV refers to a starting value (initial value).
Iterated hash functions based either on block ciphers, to algebraic structures, or are specially designed hash algorithms.
Special hash algorithms
These include, for example, MD4, SHA, and RIPEMD including family.
Hash functions, based on a block cipher
A distinction hash functions, the hash value is the same length as the block length, and those whose hash value is twice the block length.
- Matyas -Meyer - Oseas variant:
- Davies -Meyer variant:
- Miyaguchi - Preneel variant:
Hash functions, based on algebraic structures
MASH (Modular Arithmetic Secure Hash ) used an RSA -like modulus n = pq, where p and q are primes. The compression function is in the core:
A: constant: excl. or, : incl or
Attacks
Attacks against hash functions can be general in nature, and depend only on the bit length of the hash value and treat the hash algorithm as a black box. You can on the other hand, directed against the compression function. For hash functions based on a block cipher, an attack on the underlying block cipher can be done. Moreover, attacks on the implementation of the hashing algorithm are possible.
Black-box attacks
Black-box attacks are attacks on hash functions, where nothing is known about the actual operation of the hash function. Only the length of the hash value is assumed to be known and it is assumed that the hash values are evenly distributed.
Attacks on the compression function
Attacks on the block cipher
Vulnerability of Blockchiffrierverfahrens which is used as long as the method of encryption, actually irrelevant, which may have a significant impact when it is used for the construction of a hash process. This would, for example, weak keys or a complementary property.