The Hash function is nothing but a mathematical algorithm.

Any function that can be used to map data of “ ARBITRARY “ size to data of a “ FIXED “ size.

The result of a hash function is called Hash values / Hash codes / Hash digest / Hashes / Fingerprint.

BASIC EXAMPLE:

• A “ HASH “ received along with data , provides verifiation of data integrity.
• A secure HASH is nothing but it is paired along with a password or a key. So in this case the hash function paired with password is also used for authentication purpose.

A cryptographic hash functions have 5 properties :

1. DETERMINISTIC : The same message always results in the same hash.
2. Quick to compute the hash value for any given message.
3. It must be infeasible to determine the original message from its hash value except by trying all possible messages.That is hashes can’t be reversed.
4. A small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value.
5. It must be infeasible to find two different messages with the same hash value ( this would be called a “ HASH COLLISION “ ).

Points to remember while choosing a hash function :

1. The longer the digest , the more secure the function.

2. There are many different hash functions available.

3. The most common cryptographic hash functions are,

   • MDS ( Message Digest 5 ) : 128-bit Digest. This is insecure.
   • SHA - 1 ( Secure Hash Algorithm 1 ) : 160-bit Digest . This is also insecure.
   • RIPEND-160 ( Race Integrity Primitives Evaluation Message Digest ) : 160-bit Digest. This is again insecure simialr to SHA-1 , this hash function is used in BIT COINS.
   • SHA-2 ( Secure Hash Algorithm 2 ) : 224 through 512-bit Digest. This is the currently used algorithm in most SSL and TLS certificates.
   • SHA-3 ( Secure Hash Algorithm 3 ) : 224 through 512-bit Digest. More secure than sha-2 but it is not yet been standardized and it is under testing phase by security researchers.
   • WHIRLPOOL : 512-bit Digest. More secure and surprisingly it has no known or proven weakness till date. But it is slower and needs more computational power than the above algorithm thats why it is not implemeted by most of the organizations.
   • BLAKE2 : 8 through 512-bit Digest.

   The below is the graph shown with various hash functions along with its computational speeds. We need to choose our hash functional that is highly secure and also it should have good computational speed. So choose wisely. According to below graph SHA-512 is the best option if you dont have access to use blake , else go with blake algorithm.

   

   SECURE HASH ALGORITHM :

   • To aid in authentication and data integrity validation, Hash algorithms sometimes incorporate a shared password into the formula in addition to the digital message.
   • This prevents spoofing, because a malicious actor cannot create an acceptable hash digest without knowing the shared password.