Hash Function Security Summary
   HOME

TheInfoList



Click Here for Items Related To - Hash Function Security Summary
OR:
Hash Function Security Summary on:   [Wikipedia]   [Google]   [Amazon]

This article summarizes publicly known attacks against
cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
s. Note that not all entries may be up to date. For a summary of other hash function parameters, see comparison of cryptographic hash functions.


Table color key


Common hash functions


Collision resistance


Chosen prefix collision attack


Preimage resistance


Length extension

*Vulnerable: MD5, SHA1, SHA256, SHA512 *Not vulnerable: SHA384, SHA-3, BLAKE2


Less-common hash functions


Collision resistance


Preimage resistance


Attacks on hashed passwords

Hashes described here are designed for fast computation and have roughly similar speeds. Because most users typically choose short
password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...
s formed in predictable ways, passwords can often be recovered from their hashed value if a fast hash is used. Searches on the order of 100 billion tests per second are possible with high-end
graphics processor A graphics processing unit (GPU) is a specialized electronic circuit designed to manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device. GPUs are used in embedded systems, mobi ...
s. Special hashes called key derivation functions have been created to slow brute force searches. These include
pbkdf2 In cryptography, PBKDF1 and PBKDF2 (Password-Based Key Derivation Function 1 and 2) are key derivation functions with a sliding computational cost, used to reduce vulnerabilities of brute-force attacks. PBKDF2 is part of RSA Laboratories' Publ ...
,
bcrypt bcrypt is a password-hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher and presented at USENIX in 1999. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive fu ...
,
scrypt In cryptography, scrypt (pronounced "ess crypt") is a password-based key derivation function created by Colin Percival in March 2009, originally for the Tarsnap online backup service. The algorithm was specifically designed to make it costly ...
,
argon2 Argon2 is a key derivation function that was selected as the winner of the 2015 Password Hashing Competition. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg. The reference implementation o ...
, and
balloon A balloon is a flexible bag that can be inflated with a gas, such as helium, hydrogen, nitrous oxide, oxygen, and air. For special tasks, balloons can be filled with smoke, liquid water, granular media (e.g. sand, flour or rice), or light so ...
.


See also

* Comparison of cryptographic hash functions *
Cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
*
Collision attack In cryptography, a collision attack on a cryptographic hash tries to find two inputs producing the same hash value, i.e. a hash collision. This is in contrast to a preimage attack where a specific target hash value is specified. There are roughl ...
*
Preimage attack In cryptography, a preimage attack on cryptographic hash functions tries to find a message that has a specific hash value. A cryptographic hash function should resist attacks on its preimage (set of possible inputs). In the context of attack, the ...
*
Length extension attack In cryptography and computer security, a length extension attack is a type of attack where an attacker can use Hash(''message1'') and the length of ''message1'' to calculate Hash(''message1'' ‖ ''message2'') for an attacker-controlled ''message2 ...
* Cipher security summary


References


External links

* 2010 summary of attacks against Tiger, MD4 and SHA-2: {{cryptography navbox , hash Cryptography lists and comparisons