Cryptographic Hash Function

Definition: A cryptographic hash function is an algorithm designed to produce a fixed-size hash value from variable input data. It is a one-way mathematical process used in computer security to protect information.

The role of cryptographic hash functions in cyber security is critical, as they ensure data integrity, authenticate information, and securely store passwords. A good hash function has several properties:

  • It produces a unique output for each unique input (collision-resistant).
  • Generating the original input from its hash output (pre-image resistant) is infeasible.
  • A small change to the input will produce a significantly different hash (avalanche effect).

What does a cryptographic hash function do?

A cryptographic hash function is an equation designed to verify the validity of data. It can be applied to many areas but is primarily useful in information security. 

The cryptographic hash function translates data of varying lengths into a fixed-size numerical string. You would call the original data the message and the new string the hash. Reversing the cryptographic hash function is incredibly difficult, which makes recreating the original information nearly impossible.

What is a feature of a cryptographic hash function?

The cryptographic hash function has numerous features. One feature is that the input can be any length, and the output will have a fixed length. As mentioned above, it is also one-way and not reversible. Finally, two different input values will rarely have the same hash. 

How are cryptographic hash functions different from other hash functions?

The difference between cryptographic and non-cryptographic hash functions is the security they provide. Cryptographic hash functions have multiple guaranteed properties: they are deterministic, quick, one-way, exhibit an avalanche effect, are collision resistant (in most cases), and are pre-image attack resistant. Non-cryptographic hash functions, on the other hand, provide weaker guarantees of those properties in exchange for performance improvements.

Are cryptographic hash functions deterministic?

Cryptographic hash functions are deterministic: the same input will always produce the same hash output. In addition, no matter the input size, the output will always be the same size.

Collision resistant functions:

SHA-256 (Secure Hash Algorithm 256-bit):

  • Part of the SHA-2 family.
  • Widely used and currently considered collision-resistant.

SHA-3 (Secure Hash Algorithm 3):

  • Based on the Keccak algorithm.
  • Designed to provide security even if SHA-2 is broken.
  • Currently considered collision-resistant.

BLAKE2:

  • Faster than MD5 and SHA-2, and as secure as the latter.
  • Currently considered collision-resistant.

Non-collision-resistant functions:

MD5 (Message Digest Algorithm 5):

  • Widely used in the past, but now known to have vulnerabilities.
  • Not collision-resistant; collisions can be found relatively easily with modern computing power.

SHA-1 (Secure Hash Algorithm 1):

Key Characteristics:

  • Deterministic: The same input will always result in the same hash output.
  • Fixed Output Length: Regardless of the size of the input data, the output hash is always of a fixed size.
  • Efficiency: Hash functions compute the hash value at a high speed.
  • Pre-image Resistant: It is computationally infeasible to reverse-engineer the original input from its hash value.
  • Collision Resistant: It is infeasibly hard to find two different inputs that produce the same output hash.
  • Avalanche Effect: A minor change to the input should change the hash value dramatically.
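
The characteristics above can be measured directly. The following is an added example, not part of the original page: it uses Python's standard hashlib to check determinism and fixed output length, and it quantifies the avalanche effect by flipping each input bit in turn. The sample message and all function names are constructed for illustration.

```python
import hashlib

# Constructed sample input; any byte string works.
MESSAGE = b"Transfer 100 GBP to account 12345678"

def digest(data: bytes, algo: str = "sha256") -> bytes:
    """Hash data with a named hashlib algorithm."""
    return hashlib.new(algo, data).digest()

def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)

def hamming_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def digest_lengths(algo: str, inputs) -> set:
    """Fixed output length: the digest sizes (in bits) seen across all inputs."""
    return {len(digest(i, algo)) * 8 for i in inputs}

def avalanche_profile(message: bytes, algo: str = "sha256") -> dict:
    """Flip every input bit in turn and measure how many digest bits change."""
    base = digest(message, algo)
    bits = len(base) * 8
    dists = [hamming_bits(base, digest(flip_bit(message, i), algo))
             for i in range(len(message) * 8)]
    return {"digest_bits": bits, "min": min(dists), "max": max(dists),
            "mean_fraction": sum(dists) / (len(dists) * bits)}

if __name__ == "__main__":
    inputs = [b"", b"a", MESSAGE, MESSAGE * 1000]
    for algo in ("sha256", "sha3_256", "blake2b"):
        # Deterministic: hashing the same input twice gives the same digest.
        assert digest(MESSAGE, algo) == digest(MESSAGE, algo)
        print(algo, digest_lengths(algo, inputs), avalanche_profile(MESSAGE, algo))
```

A mean_fraction close to 0.5 means a single flipped input bit changes about half of the digest bits, which is the avalanche behaviour described above.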

Examples:

  • Real-World Example: When a user logs into a secure platform, the password they entered is hashed and compared with the stored hash of the actual password. If the hashes match, access is granted.
  • Hypothetical Scenario: A document is digitally signed by computing its hash and then encrypting the hash with a private key. When verifying the signature, the document’s hash is recomputed and compared with the decrypted signature hash. If they match, the document’s integrity is confirmed.

Related Terms:

  • SHA-256: A widely used cryptographic hash function that produces a 256-bit hash value.
  • MD5: An older hash function that produces a 128-bit hash, now considered insecure due to vulnerabilities.
  • Collision: The event where two different inputs produce the same hash output, which hash functions are designed to avoid.
