The best review of hash function techniques is provided by Preneel [Pre93].
For a brief overview here, we note that hash functions are often divided into three classes according to their design:
- those built around block ciphers,
- those which use modular arithmetic, and
- those which have what is termed a "dedicated" design.
By building a hash function around a block cipher, it is intended that by using a well-trusted block cipher such as DES (see Question 64) a secure and well-trusted hash function can be obtained. The so-called Davies-Meyer hash function [Pre93] is an example of a hash function built around the use of DES.
The use of modular arithmetic in the second class of hash functions is intended to save on implementation costs when the hash function is used in conjunction with a digital signature algorithm that also uses modular arithmetic. Unfortunately, the track record of such hash functions is not good from a security perspective and there are no hash functions in this second class that can be recommended today.
The hash functions in the third class, with their so-called "dedicated" design, tend to be fast, giving a considerable advantage over algorithms that are based around the use of a block cipher. Along with MD5 and SHA-1 (see Question 99 and Question 100) RIPE-MD [DBP96] and HAVAL [ZPS93] are dedicated hash functions that also have a similar design to MD4.
| Question 102|