What is a hash algorithm?

A hash function is a mathematical function that takes text (such as an e-mail message) as input and produces a code called a message digest. Examples of well-known hash functions are MD4, MD5, and SHS.

A hash function used for digital authentication must have certain properties that make it secure enough for cryptographic use. Specifically, it must be infeasible to find:

  • Text that hashes to a given value. That is, if you know the message digest, you should not be able to figure out the message.
  • Two distinct messages that hash to the same value.

The ability to find a message that hashes to a given value would enable an attacker to substitute a fake message for a real message that was signed. It would also enable someone to falsely disown a message by claiming that he or she actually signed a different message hashing to the same value, thus violating the non-repudiation property of digital signatures.

The ability to find two distinct messages that hash to the same value could enable an attack whereby someone is tricked into signing a message that hashes to the same value as another message with a quite different meaning.
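The following added example (not part of the original page) shows why both properties matter for signatures: a signature covers the digest, so any two messages with the same digest share a signature. It assumes a deliberately weak hash modelled as SHA-256 truncated to 24 bits, an HMAC under a constructed demo key standing in for the signature scheme, and two constructed messages.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: stands in for the signer's private key


def digest(msg: bytes, nbytes: int) -> bytes:
    """SHA-256 truncated to nbytes; a small nbytes models a weak hash."""
    return hashlib.sha256(msg).digest()[:nbytes]


def sign(msg: bytes, nbytes: int) -> bytes:
    """Sign the message digest, as signature schemes do (HMAC is a stand-in)."""
    return hmac.new(KEY, digest(msg, nbytes), hashlib.sha256).digest()


def verify(msg: bytes, sig: bytes, nbytes: int) -> bool:
    return hmac.compare_digest(sign(msg, nbytes), sig)


def find_collision(prefix_a: bytes, prefix_b: bytes, nbytes: int,
                   table_size: int = 1 << 13, limit: int = 1 << 20):
    """Birthday search over trailing counters; returns (msg_a, msg_b) or None."""
    table = {}
    for i in range(table_size):
        m = prefix_a + str(i).encode()
        table[digest(m, nbytes)] = m
    for j in range(limit):
        m = prefix_b + str(j).encode()
        hit = table.get(digest(m, nbytes))
        if hit is not None:
            return hit, m
    return None


def demo() -> dict:
    # Constructed messages with quite different meanings.
    signed, substitute = find_collision(b"Pay Bob $10. ref=",
                                        b"Pay Bob $10000. ref=", 3)
    sig_weak = sign(signed, 3)    # signature over the 24-bit digest
    sig_full = sign(signed, 32)   # signature over the full 256-bit digest
    return {
        "signed": signed,
        "substitute": substitute,
        "weak_accepts_substitute": verify(substitute, sig_weak, 3),
        "full_accepts_substitute": verify(substitute, sig_full, 32),
    }


if __name__ == "__main__":
    print(demo())
```

With the 24-bit digest the signature on the first message also verifies for the second; with the full 256-bit digest the same substitution is rejected.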

Symantec Corporation. All rights reserved.