Revision as of 12:25, 26 January 2006 edit Davidgothberg (talk \| contribs) Extended confirmed users 16,980 edits Maths formulas ← Previous edit		Revision as of 12:47, 26 January 2006 edit undo Davidgothberg (talk \| contribs) Extended confirmed users 16,980 edits More text. Next edit →
Line 3: In [[cryptography]], there are several methods to use a [[block cipher]] to build a [[cryptographic hash function]]. The methods resembles the [[block cipher modes of operation]] usually used for encryption. Three such methods to turn any normal block cipher into a hash are '''Davies-Meyer''', '''Miyaguchi-Preneel''' and '''Matyas-Meyer-Oseas'''. IfUsing a block cipher ~~has~~as a ~~[[Block~~hash ~~size~~function ~~(cryptography)\|block~~usually ~~size]]~~is ofmuch ~~say~~slower ~~128~~then ~~bits~~using ~~most~~a ofspecially ~~the methods create a~~designed hash function. ~~that~~But ~~has~~in ~~the~~some ~~block~~cases ~~size~~it ofmight ~~128~~be ~~bits~~easier ~~and~~since ~~produces~~it ameans ~~hash~~just ofimplementing ~~128~~a ~~bits.~~block ~~But~~cipher ~~there~~and ~~are~~then ~~also~~using ~~methods~~it toboth ~~make~~as ~~hashes with double the~~a block ~~size~~cipher and a hash ~~size~~function. ~~compared~~It tocan ~~the~~also ~~block~~save ~~size~~code ofspace ~~the~~in ~~block~~very ~~cipher~~tiny ~~used.~~[[embedded Sosystem]]s alike ~~128-bit~~for ~~block~~instance ~~cipher~~[[smart ~~can~~card]]s beor ~~turned~~nodes ~~into~~in acars ~~256-bit~~or ~~hash~~other ~~function~~machines. If a block cipher has a [[Block size (cryptography)\|block size]] of say 128 bits most of the methods create a hash function that has the block size of 128 bits and produces a hash of 128 bits. But there are also methods to make hashes with double the hash size compared to the block size of the block cipher used. So a 128-bit block cipher can be turned into a 256-bit hash function. The hash function is secure if the block cipher used is secure. Note that just as with normal specialised hash functions the last block needs to be properly [[Padding (cryptography)\|length padded]] prior to the hashing for the hash to be secure. (This is normally implemented and handled internally in most specialised hash functions like [[SHA-1]] etc.)▼ The hash function is secure if the following conditions are met: Using a block cipher as a hash function usually is much slower then using a specially designed hash function. But in some cases it might be easier since it means just implementing a block cipher and then using it both as a block cipher and a hash function. It can also save code space in very tiny [[embedded system]]s like for instance [[smart card]]s or nodes in cars or other machines. * The block cipher needs to be secure. * The resulting hash size needs to be big enough. 64-bit is too small, 128-bit might be enough. ▲* The ~~hash function is secure if the block cipher used is secure. Note that just as with normal specialised hash functions the~~ last block needs to be properly [[Padding (cryptography)\|length padded]] prior to the hashing ~~for the hash to be secure~~. (This is normally implemented and handled internally in ~~most~~ specialised hash functions like [[SHA-1]] etc.) == Davies-Meyer ==

One-way compression function: Difference between revisions