The first section is wrong (emphasis mine):<p>> A hash function is simply an algorithm that takes a string of any length and reduces it to a <i>unique</i> fixed length string.<p>Hash functions strive for uniqueness but unless it's precalculated to ensure that it's true (by hashing every combination or deriving the parameters of the hash function accordingly), it's not guaranteed. A <i>cryptographic</i> hash function gives a high probability of uniqueness but again it's not guaranteed.<p>> The word 'cat' will hash to something that no other word hashes too, but it will always hash to the same thing.<p>Say I have a (terrible) hash function H(X) => 1. Now "cat" will hash to the same value as the string "<i>I don't understand hash functions</i>".
>The word 'cat' will hash to something that no other word hashes too, but it will always hash to the same thing.<p>Don't hashing functions have collisions?
This is really a walk through of the SHA-1 algorithm.<p>It's also worthwhile to note that the statement that a hash takes a string and reduces it to a fixed length string is a little misleading. They really work at the binary level and this is seen in the example where the input is converted to binary assuming ASCII and the output hex encoded.
The title probably should be 'Cryptographic Hash Algorithms'. The definitions from the post are approximately true for cryptographic hashes but not really for hash functions in general.
It's a nice article, although they probably need to say that they're talking about cryptographic hashes earlier on, at least mention that some hashes are very easy to find collisions with.
So there's a lot of talk about how encryption algorithms relying on the difficulty of factoring primes could be weakened by quantum computers in the near future.<p>Are there any technological advances or scenarios where the security of hash algorithms could be weakened (other than computers just getting fasters via ~Moore's Law).
I have a question about Step 5 in the post, it states:<p>Is "Step 5: Add '1' to the end"<p>Is this a delimiter for beginning of the padding or does it server some other purpose?
>Finally, if I were to give you only 'a94a8fe5ccb19ba61c4c0873d391e987982fbbd3' and tell you that it came from the SHA-1, you should have absolutely no way to figure out what was put into the function to create that.<p>add a "rainbow tables" caveat to that.
Title is missleading. From the title I expected something about how to design a hash algorithm, but the article is just a walk through the specific operations SHA-1 performs w/o further explanation.<p>Can anyone recommand resources about the actual design of (cryptographic) hash algorithms?
A hash function takes variable length input and returns a fixed length output, that's all. Then there are sub-categories optimized for things like use in hash tables or building blocks in crypto, all with varying emphasis on uniqueness, output size and speed.
Title is very misleading. Only one hash function is presented. Afaict the presented hashing function is not even named. Is it SHA1? No motivation is given, just (pseudo)code.