Which cryptographic hash function should I choose?

by

In cryptography, hash functions provide three separate functions.

  1. Collision resistance: How hard is it for someone to find two messages (any two messages) that hash the same.
  2. Preimage Resistance: Given a hash, how hard is it to find another message that hashes the same? Also known as a one way hash function.
  3. Second preimage resistance: Given a message, find another message that hashes the same.

These properties are related but independent. For example, collision resistance implies second preimage resistance, but not the other way around. For any given application, you will have different requirements, needing one or more of these properties. A hash function for securing passwords on a server will usually only require preimage resistance, while message digests require all three.

It has been shown that MD5 is not collision resistant, however, that does not preclude its use in applications that do not require collision resistance. Indeed, MD5 is often still used in applications where the smaller key size and speed are beneficial. That said, due to its flaws, researchers recommend the use of other hash functions in new scenarios.

SHA1 has a flaw that allows collisions to be found in theoretically far less than the 2^80 steps a secure hash function of its length would require. The attack is continually being revised and currently can be done in ~2^63 steps – just barely within the current realm of computability (as of April, 2009). For this reason NIST is phasing out the use of SHA1, stating that the SHA2 family should be used after 2010.

SHA2 is a new family of hash functions created following SHA1. Currently there are no known attacks against SHA2 functions. SHA256, 384 and 512 are all part of the SHA2 family, just using different key lengths.

RIPEMD I can’t comment too much on, except to note that it isn’t as commonly used as the SHA families, and so has not been scrutinized as closely by cryptographic researchers. For that reason alone I would recommend the use of SHA functions over it. In the implementation you are using it seems quite slow as well, which makes it less useful.

In conclusion, there is no one best function – it all depends on what you need it for. Be mindful of the flaws with each and you will be best able to choose the right hash function for your scenario.

More Related Contents:

  1. Encrypt and decrypt a string in C#? [closed]
  2. Calculate MD5 checksum for a file
  3. How to read a PEM RSA private key from .NET
  4. How can I sign a file using RSA and SHA256 with .NET?
  5. Generate and Sign Certificate Request using pure .net Framework
  6. Is there an IDictionary implementation that, on missing key, returns the default value instead of throwing?
  7. Why use the C# class System.Random at all instead of System.Security.Cryptography.RandomNumberGenerator?
  8. How is GetHashCode() of C# string implemented?
  9. MD5 hash with salt for keeping password in DB in C#
  10. How to store/retrieve RSA public/private key
  11. Getting hash of a list of strings regardless of order
  12. Encrypting/Decrypting large files (.NET)
  13. Password encryption/decryption code in .NET
  14. C# SHA-1 vs. PHP SHA-1…Different Results?
  15. Compute a hash from a stream of unknown length in C#
  16. What is the best way to implement this composite GetHashCode()
  17. CryptographicException “Key not valid for use in specified state.” while trying to export RSAParameters of a X509 private key
  18. SHA1 hashing in SQLite: how?
  19. Maximum number of threads in a .NET app?
  20. Is floating-point math consistent in C#? Can it be?
  21. File getting copied to SysWOW64 instead of System32
  22. Determine assembly version during a post-build event
  23. XmlSerializer – There was an error reflecting type
  24. what’s difference between Environment.Exit() and Application.Shutdown()?
  25. EF Data Context – Async/Await & Multithreading
  26. C# attribute name abbreviation
  27. How to convert string to integer in C#
  28. How to serialize static or const member variables using JSON.NET?
  29. Why Use Async/Await Over Normal Threading or Tasks?
  30. C# exception filter?

Leave a Comment