|
|
|
|
Cryptographic hash functions are used
in various contexts, for example to compute the message digest when
making a digital signature. A hash function compresses the bits of a
message to a fixed-size hash value in a way that distributes
the possible messages evenly among the possible hash values. A
cryptographic hash function does this in a way that makes it
extremely difficult to come up with a message that would hash to a
particular hash value.
Cryptographic hash functions
typically produce hash values of 128 or more bits. This
number (2128) is vastly larger than the number of
different messages likely to ever be exchanged in the world. The
reason for requiring more than 128 bits is based on the
birthday paradox. The birthday paradox roughly states that
given a hash function mapping any message to an 128-bit hash
digest, we can expect that the same digest will be computed twice
when 264 randomly selected messages have been
hashed. As cheaper memory chips for computers become available it
may become necessary to require larger than 128 bit message
digests (such as 160 bits as has become standard recently).
Many good cryptographic hash functions are freely available.
The most famous cryptographic hash functions are those of the MD
family, in particular MD4 and MD5.
MD4 has been broken, and MD5, although still in widespread use,
should be considered insecure as well. SHA-1
and RipeMD-160
are two examples that are still considered state of the art.
| |
|