The goal is to create a unique, irrreversible random bit cipher. (One-way function)

It can shorten a message, a 128-bits hash function will always return a 128 bit string, regardless of input size.

It should be quick, but not too quick or else it could be broken.

Usually we hash block by block and use the current hash to further hash the next block.

Strong Hash Functions

• Strong diffusion (Avalanche Effect)
• Quick but not too quick
• One-way function only (not reversible)
• No collisions → No two messages have the same hash

Avalanche Effect

Strong hash functions make sure the output looks like it’s randomly generated, even if the bit changes in the message is extremely small. This is called the avalanche effect which is achieved using good diffusion. MD5 is a good example of this:

No collisions

This is important because we use hashes to check if a message has been changed. If there is the possibility that our message has changed, but our hash has not, this undermines the whole idea!

Current state of hash functions

Password Storage

Hashes are used to safely store password, so even if you crack a database, you can’t reverse-engineer the passwords. For this there are special hash functions that are slower on purpose, so you can’t hash a lot of passwords fast and compare them. Examples:

• PBKDF2
• Bcrypt