December 6, 2017

Hash Functions Cheat Sheet

In previous blog I wrote about Deterministic Random Bit Generator, DRBG that makes arbitrary output from a short fixed length seed.

And the inverse of that is Hash Function

INPUT: arbitrarily long data
OUTPUT: short fixed length digest (e.g. 256 bit)

Hash functions are used for

Digest Signatures
Sign( Hash( message, salt ) )

Hash Key Derivation Function, HKDF
HKDF( randomness )

Password Based Hashing and Key Derivation Funtion, PBKDF
PBKDF( password, salt, iteration count )

Challenge Response Protocol
Hash( key, challenge )

Deterministic Random Bit Generator, DRBG
Hash( key, nonce, 1 ) || Hash( key, nonce, 2 ) || ...

Message Authentication Code, MAC
Hash( key, message )

Bad, do not use Good, do use
MD4, MD5 BLAKE2
SHA-1 (shattered.io) SHA-3
CRC SHA-2 (224, 256, 384, 512)
your own algorithm  

No comments: