Search results
Results From The WOW.Com Content Network
SHA-2: A family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-bit words where SHA-512 uses 64-bit words. There are also truncated versions of each standard, known as SHA-224, SHA-384, SHA-512/224 and SHA-512/256. These were also designed by the NSA.
SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. [ 3 ] [ 4 ] They are built using the Merkle–Damgård construction , from a one-way compression function itself built using the Davies–Meyer structure from a specialized block cipher.
A common use of one-way compression functions is in the Merkle–Damgård construction inside cryptographic hash functions. Most widely used hash functions, including MD5, SHA-1 (which is deprecated [2]) and SHA-2 use this construction. A hash function must be able to process an arbitrary-length message into a fixed-length output.
The following tables compare general and technical information for a number of cryptographic hash functions. See the individual functions' articles for further information.
SHA2 is designed to be extremely lightweight so it can run on lightweight devices (e.g. smart cards). [19] This means PBKDF2 is very weak for password storage, as commodity SHA-2 hashing hardware that can perform trillions of hashes per second is easily procured. [20] [21] scrypt: scrypt is weaker than bcrypt for memory requirements less than 4 MB.
SHA-3 (Secure Hash Algorithm 3) is the latest [4] member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. [5] [6] [7] Although part of the same series of standards, SHA-3 is internally different from the MD5-like structure of SHA-1 and SHA-2.
Generally, the basic security of cryptographic hash functions can be seen from different angles: pre-image resistance, second pre-image resistance, collision resistance, and pseudo-randomness. Pre-image resistance: given a hash h, it should be hard to find any message m such that h = hash(m). This concept is related to that of the one-way function.
[1] [2] [3] Truncated versions of SHA-2, including SHA-384 and SHA-512/256 are not susceptible, [4] nor is the SHA-3 algorithm. [5] HMAC also uses a different construction and so is not vulnerable to length extension attacks. [6] Lastly, just performing Hash(message ‖ secret) is enough to not be affected. [citation needed]