Irreversible hashing algorithms

[sec_ware]

Hi

Those one-way hashing algorithms are indeed "irreversible" in the meaning
that they are not invertible. Even with infinite computer power you won't
be able to deduce the input unambiguous.

Example - "mod": 5 mod 2 = 1. 3 mod 2 = 1. 7 mod 2 = 1. So, you know the
output is "1" - what's the input?

-> Applying a hash function, you actually loose information. In order to
have a hash function with a certain usability, the output "space" however should
be somewhat large, otherwise you could easily modify a message without
being detected (that's the whole purpose of a hash function).

Furthermore, there are so-called "collisions": these are input values with the
same output (in the above example: 3, 5 and 7). The larger the output space
and "better" the hashing function, the less likely it is to get a collision. With
an algorithm like MD5, SHA..., take a 650MB image of a cd, calculate the hash,
change 1 byte, take again the hash: the output is completely different. That's a good algorithm.


Strength as a "Weakness": If you know that the input text is of a certain
length (like an email), you now the alphabet used (a-z, A-Z, 0-9, !, ?, ...)
and the language, then you may be able to produce a few readable texts
with the known hashing output (assuming really huge computer ressources...).
But this is (usually and today) an academic weakness. We say we "restrict
the input space" based on reasonable assumptions. And thus may be able
to filter out the correct answer. In the above example: we know for some reason,
our integer number has to be >=4 and <=6. If we get a hashing output "1"
we know it must be 5.


Hope this helps,
Cheers