Comparison of cryptographic hash functions: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 18:41, 23 January 2017 edit GreenC bot (talk \| contribs) Bots 3,062,595 edits m Reformat 1 archive link. Wayback Medic 2.1 ← Previous edit		Latest revision as of 04:43, 24 May 2025 edit undo SchlurcherBot (talk \| contribs) Bots 59,052 edits m Bot: http → https
(50 intermediate revisions by 21 users not shown)
Line 1: {{short description\|Tables comparing general and technical information for common hashes}} The following tables compare general and technical information for a number of [[cryptographic hash ~~function]]s~~functions.~~<ref>~~ See the individual functions' articles for further information. This article is not all-inclusive or necessarily up-to-date.~~</ref>~~ An overview of hash function security/[[cryptanalysis]] can be found at [[hash function security summary]]. == General information == Basic general information about the [[cryptographic hash function]]s: year, designer, references, etc. {\| class="wikitable sortable" style="text-align: center" \|- ! Function ! Year ~~! Year<ref group="gi">It refers to the first official description of the algorithm, not designed date.</ref>~~ ! Designer ! Derived from ! Reference \|- \| [[BLAKE (hash function)\|BLAKE]] \| 2008 \| Jean-Philippe Aumasson<br>Luca Henzen<br>Willi Meier<br>Raphael C.-W. Phan \| [[ChaCha20]] \| [https://131002.net/blake/ Website]<br>[https://web.archive.org/web/20201001184633/http://131002.net/blake/blake.pdf Specification] \|- \| [[BLAKE2]] \| 2012 \| Jean-Philippe Aumasson<br>Samuel Neves<br>[[Zooko Wilcox-O'Hearn]]<br>Christian Winnerlein \| [[BLAKE (hash function)\|BLAKE]] \| [https://blake2.net/ Website]<br>[https://blake2.net/blake2.pdf Specification]<br>{{IETF RFC\|7693}} \|- \| [[BLAKE3]] \| 2020 \| Jack O'Connor<br>Jean-Philippe Aumasson<br>Samuel Neves<br>[[Zooko Wilcox-O'Hearn]] \| [[BLAKE2]] \| [https://github.com/BLAKE3-team/BLAKE3 Website]<br>[https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf Specification] \|- \| [[GOST (hash function)\|GOST R 34.11-94]] \| 1994 \| [[FAPSI]] and VNIIstandart \| [[GOST (block cipher)\|GOST 28147-89]] \| {{IETF RFC\|5831}} \|- \| [[HAVAL]] \| 1992 \| [[Yuliang Zheng]]<br />[[Josef Pieprzyk]]<br />[[Jennifer Seberry]] \| \| [https://web.archive.org/web/20150111210116/http://labs.calyptix.com/haval.php Website]<br>[https://web.archive.org/web/20140411060613/http://labs.calyptix.com/files/haval-paper.pdf Specification] \|- \| [[~~MD2 (cryptography)\|MD2~~KangarooTwelve]] \| 2016 \| Guido Bertoni<br>[[Joan Daemen]]<br>Michaël Peeters<br>[[Gilles Van Assche]] \| [[Keccak]] \| [https://keccak.team/kangarootwelve.html Website]<br>[https://keccak.team/files/KangarooTwelve.pdf Specification] \|- \| [[MD2 (hash function)\|MD2]] \| 1989 \| rowspan="4" \| [[Ronald Rivest]] \| \| ~~RFC~~{{IETF RFC\|1319}} \|- \| [[MD4]] \| 1990 \| \| ~~RFC~~{{IETF RFC\|1320}} \|- \| [[MD5]] \| 1992 \| [[MD4]]~~<br />RFC 1321 page 1~~ \| ~~RFC~~{{IETF RFC\|1321}} \|- \| [[MD6]] \| 2008 \| \| [~~http~~https://groups.csail.mit.edu/cis/md6/~~submitted~~ Website]<br>[https://groups.csail.mit.edu/cis/md6/docs/2009-~~2008~~04-1015-~~27/Supporting_Documentation/md6_report~~md6-report.pdf ~~md6_report.pdf~~Specification] \|- \| [[RIPEMD]] \| ~~1990~~1992 \| The RIPE Consortium<ref>{{cite conference\|first1=Hans\|last1=Dobbertin\|author-link1=Hans Dobbertin\|first2=Antoon\|last2=Bosselaers\|first3=Bart\|last3=Preneel\|author-link3=Bart Preneel\|title=RIPEMD-160: A strengthened version of RIPEMD\|conference=Fast Software Encryption. Third International Workshop\|___location=Cambridge, UK\|date=21–23 February 1996\|pages=71–82\|url=https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf\|doi=10.1007/3-540-60865-6_44\|doi-access=free}}</ref> ~~\| The RIPE Consortium [http://homes.esat.kuleuven.be/~bosselae/ripemd160.html#What]~~ \| [[MD4]] \| \|- \| [[RIPEMD-128]]<br />[[RIPEMD-256]]<br />[[RIPEMD-160]]<br />[[RIPEMD-320]] \| 1996 \| [[Hans Dobbertin]]<br />[[Antoon Bosselaers]]<br />[[Bart Preneel]] \| [[RIPEMD]] ~~\| [[RIPEMD]][http://homes.esat.kuleuven.be/~bosselae/ripemd160.html#What]~~ \| [~~http~~https://homes.esat.kuleuven.be/~bosselae/ripemd160.html Website]<br>[https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf Specification] \|- \| [[SHA-0]] Line 54 ⟶ 86: \| rowspan="4"\|[[National Security Agency\|NSA]] \| \| [https://web.archive.org/web/20090130063617/http://w2.eff.org/Privacy/Digital_signature/?f=fips_sha_shs.info.txt SHA-0] \|- \| [[SHA-1]] \| 1995 \| [[SHA-0]] \| rowspan="3" \| [~~http~~https://~~csrc~~nvlpubs.nist.gov/~~publications~~nistpubs/~~fips~~FIPS/~~fips180-4/fips-~~NIST.FIPS.180-4.pdf Specification] \|- \| [[SHA-256]]<br />[[SHA-~~512~~384]]<br />[[SHA-~~384~~512]] \| 2002 \| rowspan="2"\| Line 68 ⟶ 100: \| 2004 \|- \| [[SHA-3]] (Keccak) ~~\| [[GOST (hash function)\|GOST R 34.11-94]]~~ \| ~~1994~~2008 \| Guido Bertoni<br>[[Joan Daemen]]<br>Michaël Peeters<br>[[Gilles Van Assche]] ~~\| [[FAPSI]] and VNIIstandart~~ \| [[RadioGatún]] ~~\| [[GOST (block cipher)\|GOST 28147-89]]~~ \| [https://keccak.team/ Website]<br>[https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf Specification] ~~\| RFC 5831, RFC 4357~~ \|- \| [[Streebog]] \| 2012 \| [[Federal Security Service\|FSB]], InfoTeCS JSC \| \| {{IETF RFC\|6986}} \|- \| [[Tiger (~~cryptography~~hash function)\|Tiger]] \| 1995 \| [[Ross J. Anderson\|Ross Anderson]]<br />[[Eli Biham]] \| \| [~~http~~https://www.cs.technion.ac.il/~biham/Reports/Tiger/ Website]<br>[https://www.cs.technion.ac.il/~biham/Reports/Tiger/tiger/node3.html Specification] \|- \| [[Whirlpool (~~cryptography~~hash function)\|Whirlpool]] \| 2004 \| [[Vincent Rijmen]]<br />[[Paulo S. L. M. Barreto\|Paulo Barreto]] \| \| [https://web.archive.org/web/20171129084214/http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html Website] \|- ~~\| [[BLAKE (hash function)\|BLAKE]]~~ ~~\| 2008~~ ~~\| Jean-Philippe Aumasson<br />Luca Henzen<br />Willi Meier<br />Raphael C.-W. Phan~~ ~~\| [[Salsa20#ChaCha_variant\|ChaCha20]]~~ ~~\| [https://131002.net/blake/ Website]~~ \|- ~~\| [[SHA-3]] (Keccak)~~ \| 2008<ref>{{Citation \|title = Keccak sponge function family main document \|url = http://keccak.noekeon.org/Keccak-main-1.0.pdf \|first1 = Guido \|last1 = Bertoni \|first2 = Joan \|last2 = Daemen \|first3 = Michael \|last3 = Peeters \|first4 = Gilles Van \|last4 = Assche \|version = 1.0 \|date = Oct 2008 \|accessdate = 2013-07-30 }}</ref> ~~\| [[Guido Bertoni]]<br />[[Joan Daemen]]<br />[[Michaël Peeters]]<br />[[Gilles Van Assche]]~~ \| ~~\| [http://keccak.noekeon.org Website]~~ \|- ~~\| [[BLAKE (hash function)#BLAKE2\|BLAKE2]]~~ ~~\| 2012~~ ~~\| Jean-Philippe Aumasson<br />Samuel Neves<br />[[Zooko_Wilcox-O'Hearn]]<br />Christian Winnerlein~~ ~~\| [[BLAKE (hash function)\|BLAKE]]~~ ~~\| [https://blake2.net Website]~~ \|} ~~=== Notes ===~~ ~~<references group="gi" />~~ == Parameters == {\| class="wikitable sortable" style="text-align: center" \|- ! data-sort-type=text \| Algorithm ! data-sort-type=number \| Output size (bits) ! data-sort-type=number \| Internal state size{{notetag\|The ''internal state'' here means the "internal hash sum" after each compression of a data block. Most hash algorithms also internally use some additional variables such as length of the data compressed so far since that is needed for the length padding in the end. See the [[Merkle–Damgård construction]] for details.}} ! data-sort-type=number \| Block size ! data-sort-type=number \| Length size ! data-sort-type=number \| Word size ! data-sort-type=number \| [[Round (cryptography)\|Rounds]] \|- \| '''[[BLAKE2b]]''' \| 512 \| 512 \| 1024 \| 128{{notetag\|The size of BLAKE2b's message length counter is 128-bit, but it counts message length in bytes, not in bits like the other hash functions in the comparison. It can hence handle eight times longer messages than a 128-bit length size would suggest (one byte equaling eight bits). A length size of 131-bit is the comparable length size (<math>8 \times 2^{128} = 2^{131}</math>).}} \| 64 \| 12 \|- \| '''[[BLAKE2s]]''' \| 256 \| 256 \| 512 \| 64{{notetag\|The size of BLAKE2s's message length counter is 64-bit, but it counts message length in bytes, not in bits like the other hash functions in the comparison. It can hence handle eight times longer messages than a 64-bit length size would suggest (one byte equaling eight bits). A length size of 67-bit is the comparable length size (<math>8 \times 2^{64} = 2^{67}</math>).}} \| 32 \| 10 \|- \| '''[[BLAKE3]]''' \| Unlimited{{notetag\|It's technically 2<sup>64</sup> bytes which equals 2<sup>67</sup> bits<ref>https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf page 8</ref>}} \| 256{{notetag\|The full BLAKE3 incremental state includes a chaining value stack up to 1728 bytes in size. However, the compression function itself does not access this stack. A smaller stack can also be used if the maximum input length is restricted.}} \| 512 \| 64 \| 32 \| 7 \|- ~~! Algorithm~~ ~~! Output size (bits)~~ ! Internal state size<ref group="p">The ''internal state'' here means the "internal hash sum" after each compression of a data block. Most hash algorithms also internally use some additional variables such as length of the data compressed so far since that is needed for the length padding in the end. See the [[Merkle-Damgård construction]] for details.</ref> ~~! Block size~~ ~~! Length size~~ ~~! Word size~~ ~~! Rounds~~ ~~\|- style="text-align:center;"~~ \| '''[[GOST (hash function)\|GOST]]''' \| 256 Line 128 ⟶ 168: \| 32 \| 32 \|- ~~\|- style="text-align:center;"~~ \| '''[[HAVAL]]''' \| 256/224/192/160/128 \| 256 \| ~~1,024~~1024 \| 64 \| 32 \| 3/4/5 \|- \| '''[[MD2 (hash function)\|MD2]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[MD2 (cryptography)\|MD2]]'''~~ \| 128 \| 384 \| 128 \| -– \| 32 \| 18 \|- ~~\|- style="text-align:center;"~~ \| '''[[MD4]]''' \| 128 Line 155 ⟶ 192: \| 32 \| 3 \|- ~~\|- style="text-align:center;"~~ \| '''[[MD5]]''' \| 128 Line 164 ⟶ 200: \| 32 \| 64 \|- ~~\|- style="text-align:center;"~~ \| '''[[PANAMA]]''' \| 256 \| ~~8,736~~8736 \| 256 \| -– \| 32 \| -– \|- ~~\|- style="text-align:center;"~~ \| '''[[RadioGatún]]''' \| Unlimited{{notetag\|RadioGatún is an [[extendable-output function]] which means it has an output of unlimited size. The official test vectors are 256-bit hashes. RadioGatún claims to have the security level of a cryptographic [[sponge function]] 19 words in size, which means the 32-bit version has the security of a 304-bit hash when looking at [[preimage attack]]s, but the security of a 608-bit hash when looking at [[collision attack]]s. The 64-bit version, likewise, has the security of a 608-bit or 1216-bit hash. For the purposes of determining how vulnerable RadioGatún is to [[length extension attack]]s, only two words of its 58-word state are output between hash compression operations.}} ~~\| Up to 608/1,216 (19 words)~~ \| 58 words \| 19 words{{notetag\|RadioGatún is not a Merkle–Damgård construction and, as such, does not have a block size. Its belt is 39 words in size; its mill, which is the closest thing RadioGatún has to a "block", is 19 words in size.}} ~~\| 3 words~~ \| -– \| 1–64{{notetag\|Only the 32-bit and 64-bit versions of RadioGatún have official test vectors}} ~~\| 1–64~~ \| 18{{notetag\|The 18 blank rounds are only applied once in RadioGatún, between the end of the input mapping stage and before the generation of output bits}} ~~\| -~~ \|- ~~\|- style="text-align:center;"~~ \| '''[[RIPEMD]]''' \| 128 Line 191 ⟶ 224: \| 32 \| 48 \|- \| '''[[RIPEMD]]-128, -256''' ~~\|- style="text-align:center;"~~ ~~\| '''[[RIPEMD\|RIPEMD-128/256]]'''~~ \| 128/256 \| 128/256 Line 200 ⟶ 232: \| 32 \| 64 \|- \| '''[[RIPEMD]]-160''' ~~\|- style="text-align:center;"~~ ~~\| '''[[RIPEMD\|RIPEMD-160]]'''~~ \| 160 \| 160 Line 209 ⟶ 240: \| 32 \| 80 \|- \| '''[[RIPEMD]]-320''' ~~\|- style="text-align:center;"~~ ~~\| '''[[RIPEMD\|RIPEMD-320]]'''~~ \| 320 \| 320 Line 218 ⟶ 248: \| 32 \| 80 \|- \| '''[[SHA-0]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-1\|SHA-0]]'''~~ \| 160 \| 160 Line 227 ⟶ 256: \| 32 \| 80 \|- ~~\|- style="text-align:center;"~~ \| '''[[SHA-1]]''' \| 160 Line 234 ⟶ 262: \| 512 \| 64 \| 4032 \| 80 \|- \| '''[[SHA-2\|SHA-224, -256]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-2\|SHA-224, SHA-256]]'''~~ \| 224/256 \| 256 \| 512 \| 64 \| 5632 \| 64 \|- \| '''[[SHA-2\|SHA-384, -512, -512/224, -512/256]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-2\|SHA-384, SHA-512, SHA-512/224, SHA-512/256]]'''~~ \| 384/512/224/256 \| 512 \| ~~1,024~~1024 \| 128 \| 64 \| 80 \|- ~~\|- style="text-align:center;"~~ \| '''[[SHA-3]]''' \| 224/256/384/512~~<ref group="p">~~{{notetag\|Although the underlying algorithm [[Keccak]] has arbitrary hash lengths, the NIST specified 224, 256, 384 and 512 bits output as valid modes for SHA-3.~~</ref>~~}} \| 1600 \| 1600 - 2bits \| –{{notetag\|Implementation dependent; as per section 7, second paragraph from the bottom of page 22, of FIPS PUB 202.}} ~~\| -~~ \| 64 \| 24 \|- \| '''[[SHA3]]'''-224 ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-3\|SHA3]]'''-224~~ \| 224 \| 1600 \| 1152 \| -– \| 64 \| 24 \|- \| '''[[SHA3]]'''-256 ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-3\|SHA3]]'''-256~~ \| 256 \| 1600 \| 1088 \| -– \| 64 \| 24 \|- \| '''[[SHA3]]'''-384 ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-3\|SHA3]]'''-384~~ \| 384 \| 1600 \| 832 \| -– \| 64 \| 24 \|- \| '''[[SHA3]]'''-512 ~~\|- style="text-align:center;"~~ ~~\| '''[[SHA-3\|SHA3]]'''-512~~ \| 512 \| 1600 \| 576 \| -– \| 64 \| 24 \|- \| '''[[Tiger (hash function)\|Tiger(2)-192/160/128]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[Tiger (cryptography)\|Tiger(2)-192/160/128]]'''~~ \| 192/160/128 \| 192 Line 308 ⟶ 328: \| 64 \| 24 \|- \| '''[[Whirlpool (hash function)\|Whirlpool]]''' ~~\|- style="text-align:center;"~~ ~~\| '''[[WHIRLPOOL]]'''~~ \| 512 \| 512 Line 317 ⟶ 336: \| 8 \| 10 ~~\|- style="text-align:center;"~~ ~~\| '''[[BLAKE (hash function)#BLAKE2\|BLAKE2b]]'''~~ ~~\| 512~~ ~~\| 1024~~ ~~\| 512~~ ~~\| -~~ ~~\| 64~~ ~~\| 12~~ ~~\|- style="text-align:center;"~~ ~~\| '''[[BLAKE (hash function)#BLAKE2\|BLAKE2s]]'''~~ ~~\| 256~~ ~~\| 512~~ ~~\| 256~~ ~~\| -~~ ~~\| 32~~ ~~\| 10~~ \|} ===Notes=== {{notefoot}} ~~<references group="p" />~~ == Compression function == The following tables compare technical information for [[One-way compression function\|compression function]]s of [[cryptographic hash function]]s. The information comes from the specifications, please refer to them for more details. {\| class="wikitable" style="text-align: center" \|- ! rowspan="2" \| Function ! colspan="6" \| Size ([[bit]]s)~~<ref group="cf">~~{{notetag\|The omitted multiplicands are word sizes.~~</ref>~~}} ! rowspan="2" \| Words × <br />Passes = <br />Rounds~~<ref group="cf">~~{{notetag\|Some authors interchange passes and rounds.~~</ref>~~}} ! rowspan="2" \| Operations~~<ref group="cf">~~{{notetag\|A: addition, subtraction; B: [[bitwise operation]]; L: [[lookup table]]; S: [[Bitwise operations#Bit shifts\|shift, rotation]].~~</ref>~~}} ! rowspan="2" \| [[Endianness\|Endian]]~~<ref group="cf">~~{{notetag\|It refers to ''byte'' endianness only. If the operations consist of bitwise operations and lookup tables only, the endianness is irrelevant.~~</ref>~~}} ~~! rowspan="2" \| Specification~~ \|- ! [[Word (computer architecture)\|Word]] ! [[Cryptographic hash function\|Digest]] ! [[Merkle–Damgård construction\|Chaining <br />values]]~~<ref group="cf">~~{{notetag\|The size of message digest equals to the size of chaining values usually. In truncated versions of certain cryptographic hash functions such as SHA-384, the former is less than the latter.~~</ref>~~}} ! Computation<br />values~~<ref group="cf">~~{{notetag\|The size of chaining values equals to the size of computation values usually. In certain cryptographic hash functions such as RIPEMD-160, the former is less than the latter because RIPEMD-160 use two sets of parallel computation values and then combine into a single set of chaining values.~~</ref>~~}} ! [[Merkle–Damgård construction\|Block]] ! [[Merkle–Damgård construction#Security characteristics\|Length]]<br ~~/><ref group="cf"~~>{{notetag\|The maximum input size {{=}} 2<sup>length size</sup> − 1 [[bit]]s. For example, the maximum input size of SHA-1 {{=}} 2<sup>64</sup> − 1 bits.~~</ref>~~}} \|- \| [[GOST (hash function)\|GOST R 34.11-94]] ~~\| [[HAVAL\|HAVAL-3-128]]~~ \| 32 \| colspan="3" \| {{nowrap\|×8 {{=}} 256}} \| {{nowrap\|×8 {{=}} 256}} \| 32 \| 4 \| A B L S \| Little \|- \| [[HAVAL\|HAVAL-3-128]] \| rowspan="15" \| 32 \| {{nowrap\|×4 {{=}} 128}} \| colspan="2" rowspan="15" \| {{nowrap\|×8 {{=}} 256}} \| rowspan="15" \| {{nowrap\|×32 {{=}} 1,024}} \| rowspan="15" \| 64 \| rowspan="5" \| {{nowrap\|32 × 3 {{=}} 96}} \| rowspan="15" \| A B S \| rowspan="15" \| Little ~~\| rowspan="15" \| [http://labs.calyptix.com/files/haval-paper.pdf HAVAL]~~ \|- \| [[HAVAL\|HAVAL-3-160]] Line 414 ⟶ 422: \| {{nowrap\|×8 {{=}} 256}} \|- \| [[MD2 (~~cryptography~~hash function)\|MD2]] \| 8 \| {{nowrap\|×16 {{=}} 128}} Line 424 ⟶ 432: \| B \| N/A ~~\| RFC 1319~~ \|- \| [[MD4]] Line 431 ⟶ 438: \| rowspan="2" \| {{nowrap\|×16 {{=}} 512}} \| rowspan="2" \| 64 \| {{nowrap\|16 × 3 {{=}} 48}} \| rowspan="2" \| A B S \| rowspan="2" \| Little ~~\| RFC 1320~~ \|- \| [[MD5]] \| {{nowrap\|16 × 4 {{=}} 64}} ~~\| RFC 1321~~ \|- \| [[RIPEMD]] Line 449 ⟶ 454: \| rowspan="5" \| A B S \| rowspan="5" \| Little \| \|- \| [[RIPEMD-128]] \| rowspan="2" \| {{nowrap\|16 × 4 {{=}} 64}} \| rowspan="4" \| [http://www.webcitation.org/6aO95FVW7?url=https://web.archive.org/web/20100216055807/http://homes.esat.kuleuven.be/%7Ecosicart/pdf/AB-9601/AB-9601.pdf RIPEMD-160]<ref>{{Citation\|title=RIPEMD-160: A Strengthened Version of RIPEMD \|url=http://homes.esat.kuleuven.be/~cosicart/pdf/AB-9601/AB-9601.pdf \|first1=Hans \|last1=Dobbertin \|first2=Antoon \|last2=Bosselaers \|first3=Bart \|last3=Preneel \|date=1996-04-18 \|accessdate=2010-02-16 \|deadurl=yes \|archiveurl=http://www.webcitation.org/6aO95FVW7?url=https://web.archive.org/web/20100216055807/http://homes.esat.kuleuven.be/~cosicart/pdf/AB-9601/AB-9601.pdf \|archivedate=2015-07-29 \|df= }}</ref> \|- \| [[RIPEMD-256]] Line 476 ⟶ 479: \|- \| [[SHA-1]] ~~\| rowspan="5" \| [http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf FIPS 180--3]~~ \|- \| [[SHA-256]] Line 497 ⟶ 499: \| {{nowrap\|×6 {{=}} 384}} \|- \| [[~~GOST~~Tiger (hash function)\|~~GOST R 34.11~~Tiger-94192]] ~~\| 32~~ ~~\| colspan="3" \| {{nowrap\|×8 {{=}} 256}}~~ ~~\| {{nowrap\|×8 {{=}} 256}}~~ ~~\| 32~~ ~~\| 4~~ ~~\| A B L S~~ ~~\| Little~~ ~~\| RFC 5831~~ \|- ~~\| [[Tiger (cryptography)\|Tiger-192]]~~ \| rowspan="3" \| 64 \| {{nowrap\|×3 {{=}} 192}} Line 516 ⟶ 508: \| rowspan="3" \| A B L S \| rowspan="3" \| Not Specified ~~\| rowspan="3" \| [http://www.cs.technion.ac.il/~biham/Reports/Tiger/tiger/node3.html#SECTION00030000000000000000 Tiger]~~ \|- \| [[Tiger (~~cryptography~~hash function)\|Tiger-160]] \| ×2.5=160 \|- \| [[Tiger (~~cryptography~~hash function)\|Tiger-128]] \| {{nowrap\|×2 {{=}} 128}} \|- ! rowspan="2" \| Function ! [[Word (computer architecture)\|Word]] ! [[Cryptographic hash function\|Digest]] ! [[Merkle–Damgård construction\|Chaining<br>values]] ! Computation<br>values ! [[Merkle–Damgård construction\|Block]] ! [[Merkle–Damgård construction#Security characteristics\|Length]] ! rowspan="2" \| Words ×<br>Passes =<br>Rounds ! rowspan="2" \| Operations ! rowspan="2" \| [[Endianness\|Endian]] \|- ! colspan="6" \| Size ([[bit]]s) \|} === Notes === {{notefoot}} ~~<references group="cf" />~~ == See also == Line 537 ⟶ 541: == External links == [https://bench.cr.yp.to/results-hash.html ECRYPT Benchmarking of Cryptographic Hashes] – measurements of hash function speed on various platforms ~~# [http://www.larc.usp.br/~pbarreto/hflounge.html The Hash Function Lounge] - A list of hash functions and known attacks, by Paulo Barreto~~ #* [~~http~~https://ehash.iaik.tugraz.at/wiki/The_eHash_Main_Page The ~~eHash~~ECRYPT ~~Main~~Hash ~~Page~~Function Website] -– A wiki for cryptographic hash functions #* [~~http~~https://csrc.nist.gov/~~groups/ST~~projects/hash-functions/sha-3~~/index.html~~-project ~~The~~SHA-3 ~~NIST Hash Competition Main Page~~Project] -– ~~The~~Information ~~competition to become~~about SHA-3 competition {{Cryptography navbox \| hash}} ~~[[Category:Cryptography]]~~ [[Category:Cryptographic primitives]] [[Category:Cryptographic hash functions\| ]]