Hashes and Message Digests

Magnus Daum and Hans Dobbertin, Ruhr University Bochum, Germany



Designing Hash Functions

Birthday Attack

Meet-in-the-Middle Attack

Hashing by Iterated Compression

Collisions and Pseudocollisions of the Compression Function

Collision Resistance and the Discrete Log Problem

Compression in MD4-Like Hash Functions

Message Expansion

Step Operation


Attacks on MD4-Like Hash Functions

General Attack Methods

Status of Different Hash Functions

Building Hash Functions from Block Ciphers

Single-Length Constructions

Double-Length Constructions

Message Authentication Codes




Cross References



Modern asymmetric cryptology started with the invention of digital signatures (see Chapter 176, Digital Signatures and Electronic Signatures) in the mid-1970s, when Diffie and Hellman described properties of suitable mathematical mechanisms. Very shortly later Rivest, Shamir, and Adleman made this idea concrete by introducing their famous RSA scheme (see Chapter 111, Public Key Algorithms). Signing and verification in this scheme uses modular exponentiation, which is useful because of its algebraic properties. Conversely, modular exponentiation is relatively slow when applied to the bit sizes needed for RSA to be secure.

To implement digital signature schemes, in practice one needs an additional cryptographic primitive, a so-called (cryptographic) hash function. A hash algorithm computes an output ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.