Message Digest

In various standards and applications, the two most-commonly used hash functions are MD5 and SHA-1 . In 2005, security flaws were identified in both algorithms.

OVERVIEW

Broadly speaking, a cryptographic hash function should behave as much as possible like a Random Function while still being Deterministic and efficiently computable.

A cryptographic hash function is considered insecure if either of the following is computationally feasible:

finding a (previously unseen) message that matches a given digest

finding " Collisions ", wherein two different messages have the same message digest.

An attacker who can do either of these things might, for example, use them to substitute an unauthorized message for an authorized one.

Ideally, it should not even be feasible to find two messages whose digests are substantially similar; nor would one want an Attacker to be able to learn anything useful about a message given only its digest. Of course the attacker learns at least one piece of information, the digest itself, which for instance gives the attacker the ability to recognise the same message should it occur again.

RELATED ALGORITHMS

Checksum s and Cyclic Redundancy Check s (CRCs) are quite distinct from cryptographic hash functions, and are used for different applications. If used for security, they are vulnerable to attack; for example, a CRC was used for message integrity in the WEP encryption standard, but an attack was readily discovered which exploited the linearity of the checksum specified.

A Message Authentication Code or MAC takes a message and a secret key and generates a "MAC tag", such that it is difficult for an attacker to generate a valid pair (message, tag) that doesn't match one they've already seen; they are used to prevent attackers forging messages, among other uses. Though it is sometimes referred to as a "keyed hash function", a MAC serves a very different purpose and has very different security properties than a cryptographic hash function; for example, it is not considered a flaw if it is easy for someone who knows the MAC key to generate two messages that have the same MAC. Hash functions can be used to create MAC functions; see for example HMAC .

CRYPTOGRAPHIC PROPERTIES

There is no formal definition which captures all of the properties considered desirable for a cryptographic hash function. These properties below are generally considered prerequisites:

'' Preimage Resistant '' (See '' One Way Function '' for a related but slightly different property): given ''h'' it should be hard to find any ''m'' such that ''h'' = hash(''m'').

'' Second Preimage Resistant '': given an input ''m''₁, it should be hard to find another input, ''m''₂ (not equal to ''m''₁) such that

hash(m_1)=hash(m_2).

This property is implied by collision-resistance.

'', this means the hash function output must be at least twice as large as what is required for preimage-resistance.

It Is

"http://developersslashdotorg/commentsplsid=120193&cid=10130642" class="copylinks" target="_blank">often suggested that concatening multiple hash functions could produce a new hash function that is more secure than its component parts For example, one might concatenate the output of SHA-1 and RIPEMD-160 to produce a new function H(x) = SHA-1(x) RIPEMD-160(x)

{ Class

"wikitable"

	CATEGORIES ABOUT CRYPTOGRAPHIC HASH FUNCTION

	cryptography

	cryptographic primitives

	cryptographic hash functions

	hashing

	APPAREL
	BABY
	BEAUTY
	BOOKS
	CAR TOYS
	CELL PHONES
	DVD'S
	ELECTRONICS
	GOURMET FOOD
	GROCERIES
	HEALTH & PERSONAL
	HOME & GARDEN
	JEWELRY
	MUSIC
	MUSIC INSTRUMENTS
	OFFICE PRODUCTS
	SOFTWARE
	SPORTING GOODS
	TOOLS & HARDWARE
	TOYS
	VIDEO GAMES
	SHOPPING HOME

	MORE SHOPPING...

Information About

Message Digest