Analysis and Comparison of Hash Functions in Terms of Security and Performance

Introduction

Cryptology is the science of secret messages/communications (Qian et al., 2022). It is a mathematics-based science that studies and develops methods for the safe transmission of data, safe storage of data and verification of data integrity in the field of communications. It is divided into two branches as cryptography and cryptanalysis (Mihailescu & Nita, 2023). Cryptography is the science of information security (Ural & Örenç, 2019). Cryptanalysis, on the other hand, is a branch of cryptology that deals with information security and the process of cracking secure/encrypted information (Banoth & Regar, 2023). Cryptanalysts often try to decrypt and test the security of cryptographic functions.

Today, due to the rapidly developing technology and rapid developments in communication systems, ensuring information security has become an increasingly important issue. Hash functions are among the most important cryptographic algorithms and form the basis of various cryptological functions used in many fields (Sadeghi-Nasab & Rafe, 2023). As shown in Figure 1, they take an input of arbitrary length and produce a hashed representation of that input (Paar & Pelzl, 2009). They take different sizes of input and generate fixed size outputs each time, and the output of the hash function is called “hash value”.

Figure 1.

How hash functions operate?

Hash functions are used in many fields such as generation of passwords and encryption which are the building blocks of cryptology, digital signatures, data integrity control, crypto storage, and random number generation. Standardized hash functions have been readily available and used in software programming frameworks and hardware devices for years. However, some of those hash functions like MD5 and SHA-1 were broken (Leurent & Peyrin, 2020). Using a weak or broken hash function can leave data vulnerable, and should not be used.

It may be necessary to use different hash functions depending on the purpose and situation of use. Because hash functions differ greatly in speed and security between those used for data validation and those used to derive and store keys. Although most of the existing hash functions have lost their reliability, they are still actively used. Because the vast majority of programmers generally use standard cryptology libraries and frameworks for the security part of the software they produce. In this chapter, firstly commonly used hash functions are described. Then, security and speed of the hash functions are evaluated.

Cryptographic Hash Functions And Their Common Features

Regardless of the length of the input size of the data, all hash functions should have the same output length, and the same data should always yield the same hash output value. Since the hash value will be a fixed length value; it will be easier and more convenient to reserve space for summary in database, file format or network protocol area. It also helps prevent hackers from knowing how big the original input is because all output is fixed length and does not change, no matter how long or short the original input is.

Hash functions are one-way functions. You cannot decode the original input data using the hash value. This means that you can easily convert a data to a hash value, but it will be impossible to derive the data from the hash value (Paar & Pelzl, 2009). In other words, given a hash value h, it should be difficult to find any m messages such that h = hash (m). Summary functions should always be one-way. This feature protects against an attacker targeting only the hash and original message data. Similarly, it should be difficult to find a different entry with the same hash (Paar & Pelzl, 2009) . Given an m1 data entry, it should be difficult to find a different m2 entry such that hash (m1) = hash (m2). It provides protection against an attacker who wants to introduce a different value as a legitimate value instead of the original data with a hash value.