Network Security - Hash Functions

1. Hash Functions

Definition:
A hash function takes an input (message) and produces a fixed-size string of bytes, typically called a hash value or digest.

Properties of a secure hash function:

1. Deterministic: Same input → same hash

2. Fast computation: Easy to compute for any input

3. Pre-image resistance: Hard to reverse (cannot get original input from hash)

4. Collision resistance: Hard to find two different inputs with the same hash

5. Avalanche effect: Small change in input → large change in hash

Uses:

• Data integrity verification

• Digital signatures

• Password storage (with salt)

• Message authentication codes (MACs)

2. MD5 (Message Digest 5)

• Developed: 1991 by Ronald Rivest

• Output size: 128 bits (16 bytes)

• Process:

  1. Pads the message to a multiple of 512 bits

  2. Divides the message into 512-bit blocks

  3. Processes each block through a series of bitwise operations

  4. Produces a 128-bit hash

Pros:

• Fast and widely supported

• Simple to implement

Cons:

• Vulnerable to collision attacks → not secure for cryptographic use

• Not recommended for digital signatures

3. SHA (Secure Hash Algorithm)

SHA comes in multiple versions:

Process (simplified):

1. Pad the message to a multiple of block size

2. Break message into blocks

3. Apply rounds of logical, modular, and bitwise operations

4. Produce a fixed-length hash output

Pros:

• Stronger than MD5 (especially SHA-2 and SHA-3)

• Widely used in certificates, digital signatures, and blockchain

Cons:

• Slower than MD5 for some applications (trading speed for security)

Comparison: MD5 vs SHA