Revision as of 18:42, 8 June 2010 edit 75.119.251.119 (talk) →Remove duplicate entry ← Previous edit		Revision as of 23:51, 13 June 2010 edit undo 193.190.253.147 (talk) →Classical Hash Functions - Practical Approach to Security Next edit →
Line 18: == Classical Hash Functions - Practical Approach to Security == Most hash functions are built on an ad hoc basis, where the bits of the message are nicely mixed to produce the hash. Various [[bitwise operation]]s (e.g. rotations), [[Modular arithmetic\|modular additions]] and [[One-way compression function\|compression functions]] are used in iterative mode to ensure high complexity and pseudo-randomness of the output. In this way, the security is very hard to prove and the proof is usually not done. Only a few years ago, one of the most popular hash functions, [[SHA-1]], was shown to be less secure than its length suggested: collisions could be found in only 2<sup>6963</sup> tests, rather than the brute-force number of 2<sup>80</sup>. The search for a "good" hash function has thus become a hot topic. In other words, most of the hash functions in use nowadays, are not provably collision-resistant. These hashes are not based on purely mathematical functions. This approach results generally in more effective hashing functions, but with the risk that a weakness of such a function will be eventually used to find collisions. The famous case is [[MD5]].

Security of cryptographic hash functions: Difference between revisions