Hash algorithms, hash algorithms... What the hell is a hash algorithm?
Hmm... Let's take a look at the
FAQs to answer your question.
Ok, ok. I know what's a hash algorithm. Now, which are supported by HashSum?
That's a difficult question. The list of supported algorithms could vary between versions. For HashSum 1.0, the list of supported hash algorithms is:
Name: CRC32
Length: 32 bits
Standard: ISO 3003 (1986)
Implementation: All versions use
CRC32Managed in BaseCryptoLib.
The Cyclic Redundancy Code, 32 bits, is an old checksum algorithm used only in compressed files because it (just) requires 2
32 (4 billion) operations to find a valid message with the same CRC32 than the original (a collision).
Name: Adler32
Length: 32 bits
Implementation: All versions use
Adler32Managed in BaseCryptoLib.
A relatively new checksum algorithm, designed to be much faster than CRC32 at the risk of slightly more probable collisions (two messages with the same hash). Used frequently in new compression formats.
Name: MD2
Length: 128 bits
Standard: RFC 1319 (1989)
Implementation: All versions use
MD2Managed in BaseCryptoLib.
The Ronald Rivest's first widely used hash algorithm was initially devised to work in 8-bit computer architectures. The 16-bit 80286 and the 32-bit 80386 quickly overpowered it, and by today is only used in embedded devices and (very) old Internet encryption schemas.
Name: MD4
Length: 128 bits
Standard: RFC 1320 (1990)
Implementation: All versions use
MD4Managed in BaseCryptoLib.
The Message Digest 4, by Ron Rivest, was published as a break-through in hash algorithms: safe and very fast. Some time later, however, a little failure was detected, and MD4 stood "at the edge in terms of risking successful cryptanalytic attack", so MD5, a slower but more secure version, was published, leading to the downfall of MD4.
Anyway, while MD4 is no loger secure for data encryption, it is suitable for very fast checksum operations.
Name: MD5
Length: 128 bits
Standard: RFC 1321 (1991)
Implementation: The .NET/Mono version uses
MD5Managed, a machine-independent version in BaseCryptoLib instead of the implementation provided by the framework. The same applies to the Java version.
Again from Ron Rivest's desk, Message Digest 5 was published after MD4 having been found not completely safe for security purposes (altough it was perfectly suitable for data verification). MD5 is a bit slower than MD4, but, as of 2005, is safe enough for most applications.
Name: RIPEMD-160
Length: 160 bits
Implementation: The .NET/version version uses
RIPEMD160Managed in System.Security.Cryptography. The Java version uses our implementation in BaseCryptoLib.
The RACE Integrity Primes Evaluation MD, or RIPEMD, was a family of algorithms designed in Europe in the mid-90s. Their design is similar to that of MD4/5, and the speed of the 160-bit version is close to SHA-1. They have not been widely adopted nor examined, and so their security cannot be assured.
Name: SHA-1
Length: 160 bits
Standards: FIPS 180-1 (1995), RFC 3174 (2001)
Implementation: The .NET version uses the framework-provided
SHA1Managed in System.Security.Cryptography. The Java version uses our own implementation in BaseCryptoLib.
The Secure Hash Algorithm 1 was designed by FIPS as an improvement to a short-lived algorithm now called SHA-0. The big idea behind both was that computational speed was growing so quickly that any other algorithms might had become unsafe by 2000 (what proved to be false, as MD5 continues to work even today).
Name: HAS-160
Length: 160 bits
Standard: TTAS.KO-12.0011-R1 (2001)
Implementation: All versions use
HAS160Managed in BaseCryptoLib.
A heavily modified version of SHA-1, HAS-160 is used in some Korean encryption / information exchange standards. Even when has not gained wide acceptance, it is thought to be safer than SHA-1 because uses rotationg data in most points where SHA-1 uses constants.
Name: Tiger
Length: 192 bits
Implementation: All versions use
TigerManaged in BaseCryptoLib.
The Tiger algorithm was designed in 1996 with 64-bit computers in mind: unlike most current algorithms, whose design is 32-bit based, the internal architecture of Tiger is 64-bit, making it perform better in those machines.
Name: SHA-2 family (SHA-224, SHA-256, SHA-384, SHA-512)
Length: 224, 256, 384 and 512 bits
Standards: FIPS 180-2 (2002), revised in 2004
Implementation: The .NET/Mono version of HashSum use the managed implementations provided by the framework for all but SHA-224, where
SHA224Managed, in BaseCryptoLib, is used. The Java version uses the BaseCryptoLib implementations for all SHA-2 algorithms.
After the wide adoption of SHA-1, the FIPS designed a new set of more secure functions called SHA-2. Tough not exactly the same, they were very similar in concept. Initially, there were three versions: SHA-256, SHA-384 and SHA-512, which became four when SHA-224 joined in 2004. Both the 224-bit and 384-bit versions are slightly modified versions of the 256-bit and 512-bit versions, but their output is trimmed to the required bit length.
SHA-224 and SHA-256 are 32-bit algorithms which can digest up to 2
64 bits of data, while SHA-384 and SHA-512 are 64-bit algorithms with a message size limit of 2
128 bits.
And what about future plans?
That's an even more difficult question. We would like to support the widest variety of hash algorithms possible. That has already meant writing a lot of implementations from scratch, with the only help of the standard and some test vectors. These is the list of the algorithms we have in our nearest plans:
| Name |
Length |
Description |
| Whirlpool |
512 bits |
The Whirlpool hash algorithm is a modified version of AES, the current encryption standard (also known as Rijndael), which, instead of streaming its output, combines it, thus making the AES encryption function into the hash compression function
Just like Rijndael, its maths can be represented pretty simply. However, when it comes to the implementation complexity...
|
