Score:1

How to find the 6 main properties of cryptographic hash functions when implementing a hash function?

tn flag

According to this there are at least 6 "properties" all cryptographically secure hash functions strive to attain:

  • Deterministic: the same message always results in the same hash;
  • Quick: it is quick to compute the hash value for any given message;
  • One-way function: it is infeasible to generate a message from its hash value except by trying all possible messages;
  • Avalanche effect: a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value;
  • Collision resistant: it is infeasible to find two different messages with the same hash value
  • Pre-image attack resistant: a pre-image attack on cryptographic hash functions tries to find a message that has a specific hash value. A cryptographic hash function should resist attacks on its pre-image.

The first 3 I think are pretty easy to adhere to as far as I can imagine so far (not having implemented a cryptographically secure hashing function). But how do you design something that has the last 3 though?

  1. Avalanche effect.
  2. Collision resistant.
  3. Pre-image attack resistant.

Are there specific things that you can do when designing a hashing function to make it have these 3 properties somehow? How do the ones that create the award-winning cryptographic hash functions do it?

If there are no principles to apply, the next best bet would be to know which examples to study to gain insight on how they managed to adhere to these properties. In that case, what papers or hash algorithms are good to study, and which parts to focus on from those cases?

kelalaka avatar
in flag
3rd easy? Can you prove that there is a one-way function? it is related to Pre-image resistance but not equal. MD hash functions use block ciphers construction to have a good [compression function](https://en.wikipedia.org/wiki/One-way_compression_function). Avalanche effect: block cipher means something for you? I suggest you to read the BLAKE2 book. KECCAK, as a different class, on the other hand, uses permutations..
kelalaka avatar
in flag
The attacks and how to mitigate them, see [Joux's paper](https://crypto.stackexchange.com/q/98092/18298) and how SHAx is improved over the years.. Until someone shows the reverse, almost all are alleged as long as there is no proof of bounds like Universal hash functions
Thorham avatar
jp flag
kelalaka - A simple addition is already one way.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.