CRYPTOGRAPHY - Hashing
The Merkle-Damgaard construction is a method of building collision-resistant cryptographic hash functions from
collision-resistant one-way compression functions. This construction was used in the design of many popular hash algorithms
such as MD5, SHA-1 and SHA-2. It was described in Ralph Merkle's Ph.D. thesis in 1979. Ralph Merkle and Ivan Damgård
independently proved that the structure is sound:
that is, if an appropriate padding scheme is used and the compression function is collision-resistant,
then the hash function will also be collision-resistant.
Bear in mind that NIST publishes the Secure Hash Standard (SHS) as NIST FIPS 180-4, which includes SHA-1 and SHA-2.
At a glance:
At a glance:
- Argon2 is a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015.
- Designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg.
Refer also to crypto standards.
- RIPEMD - Wikipedia - Dobbertin, Bosselaers, Preneel 1992/1996
- RIPEMD - ISO ISO/IEC 10118-3:2018(en)
IT Security techniques — Hash-functions — Part 3: Dedicated hash-functions
SHA-1, SHA-2, SHA-3
- SHA-1 Wikipedia - US NSA, 1995, 160 bits, all major web browser vendors ceased acceptance of SHA-1 SSL certificates in 2017
- SHA-1 is a 160-bit hash standard, published in 1995 by NIST as FIPS 180-1, developed as part of the US Capstone project.
The original specification was published in 1993 under the title Secure Hash Standard, FIPS PUB 180, by NIST.
This version is often named SHA-0.
- It is no longer considered as cryptographically safe, see e.g. https://csrc.nist.gov/projects/hash-functions/nist-policy-on-hash-functions
- SHA-2 Wikipedia - US NSA 2001, family: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
- Built using the Merkle–Damgård construction, from a one-way compression function itself built using the Davies–Meyer structure
from a specialized block cipher
- First published by the NIST as a US FIPS
- SHA-3 Wikipedia - US NIST 2015,
Multihash is a protocol for differentiating outputs from various well-established hash functions,
addressing size and encoding considerations.
It is useful to write applications that future-proof their use of hashes, and allow multiple hash functions to coexist.
A key derivation function (KDF) is a cryptographic hash function that derives one or more secret keys from a secret value such as a main key, a password, or a passphrase using a pseudorandom function.
KDFs can be used
Keyed cryptographic hash functions are examples of pseudorandom functions used for key derivation
- to stretch keys into longer keys or
- to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES