8-19

cryptographic hash function

The purpose of a hash function is to produce a “fingerprint” of a file, message or block of data.

It generates a set of $k$ bits from a set of $L(\ge k)$ bits.

• a hash function is generally non-injective

The result of applying a hash function is called hash value, message digest or checksum.

MAC with one-way hash function

Unlike a MAC, a hash function doesn’t take a secret key as input - it is, however, possible to get MACs using hash functions.

properties of a hash function aimed at authentication

• can be applied to a block of data of any size
• produces a fixed-length output
• $H(x)$ is relatively easy to compute for any given $x$
• computationally infeasible to find $x$ such that $H(x)=x$ (one-way or pre-image resistant)
• computationally infeasible to find $y\ne x$ such that $H(y)=H(x)$
• computationally infeasible to fiind $(x,y)$ such that $H(x)=H(y)$ (collision resistant)

There are two approaches to attacking a secure hash function:

• exploit logical weaknesses in the algorithm
• strength