Keys are used with the encryptor and decryptor, as seen in the image above.

Only the sender

and receiver of the message are on the key. The message transferred cannot be encrypted or
decrypted if the key is not used. It is like we have installed a lock on the message, and anyone
with the key can only access it. This key can be public or private. This enables us to
achieve confidentiality.

There are several ways to authenticate messages in cryptography. Three main ways are

 Message encryption.

 Message authentication code.

 Hash functions.

Hash Functions
Hash functions in cryptography are used to create authentic and confidential messages.
Hash Functions in cryptography generate a code to check the message's authenticity. In
layman's language, we say that any document is hashed (passes through a hash function) to
develop a hash value(code) using a hash function in cryptography.

The hash value is also called a message digest.

As discussed in the previous section, we require a message, keys, and function in general to
perform any type of authentication. Hash functions are a bit different.

H(M)= fixed length code (hash code h)

Where “H” is the hash function,

“M” is the message,
“h” is the hash value or code(message digest).

Working of Hash Functions

The working of a hash function depends on three main elements.

 Hash function
Functions that create hash codes for senders and receivers to access data files for
transferring are called hash functions.

 Message
Message refers to the data information that is to be transferred.

 Hash code (message digest)

You can consider this as a password that the sender generates and encrypts within the
message to be transferred. The receiver decrypts the code within the message and
generates one separately. If both codes match, message authentication is received.

These three work together to provide authentication as follows.

  The message goes through a hash function.

 The function creates a hash code “h.”

 The hash code and messages are combined.

 We again use a hash function when the message is received to generate a hash code.

 If it matches the received hash code, the message is authentic.

 We might use encryption and decryption with or without keys to developing

confidentiality and security.

Properties of Hash Functions

A few essential properties of hash functions are crucial for the security of hash functions in
cryptography.
These are as follows:

 Hash functions can take a message input of any length.

 The output of the hash function is always fixed-sized.

 You cannot infer the input with the help of output.

 Hash functions are one-way.

 It is highly efficient because computing H(M)=h is easy.

 Works for software and hardware both.

System Security Goals

Just as we need goals in life to excel and succeed, similarly, we need to set some security
goals to ensure the security of hash functions in cryptography.
Some significant goals are as follows:

 Integrity
This is achieved when no person other than the sender and receiver can access the
data or information transferred.

 Secrecy
This is achieved when system files are accessible to a set of people and not common
to view for all.

 Availability
This is achieved when the accessibility of data or information is for a set of people
and not just one person or two.

Security of Hash Functions

There are, in total, three ways by which the security of hash functions in cryptography is
achieved. We will learn and understand all of them one by one.

Preimage resistance

Hash functions provide preimage resistance. This concept says that the original function
H(M)=h cannot resolve H(N)=h.

H(M)=h

h=! H(M)
Where M is the message input,
h is hash code,
H is a hash function.

This means it is practically impossible to obtain a message from a hash code as it is one-way.

Second Preimage Resistance

Hash functions provide second preimage resistance. This concept says that the original
function H(M) can never be equal to H(N), where n and m are different messages.

H(M)!=H(N)

Where M and N are different message inputs,

H is a hash function.

This means it is practically impossible to obtain a different input message when we decode a
hash value. The second preimage resistance works on the one-way principle of hash
functions.
This ensures the security of hash functions in cryptography in the following ways:

 An attacker cannot read or observe data messages.

 An attacker cannot create a fake hash code for messages received in the absence of
security.

 An attacker cannot generate an alternative message for the same hash codes.

Collision Resistance

Hash functions provide collision resistance. This concept says that the original function H(M)
is not equal to H(N)
It is similar to the second pre-image resistance. The difference is that in collision resistance,
you cannot have two messages that indicate the same output of hash values. Whereas in the
second preimage resistance, a hash value cannot indicate a different input message.

H(M)!=H(N)

Where M and N are different message inputs,

H is a hash function.

This means that it is practically impossible to create a hash value that indicates two distinct
message inputs.

This ensures the security of hash functions in cryptography, not creating confusion and providing one
message input that is authenticated.
Comparison between the Security Criterias

The following table compares the three security requirements for hash functions: collision resistance,
second preimage resistance, and preimage resistance.

Feature Preimage resistance Second preimage Collision resistance

resistance

Hash function Weak Weak Strong

Requirements It is the first property. Before the second Before collision

preimage resistance, the resistance, the second
preimage resistance is preimage resistance is
needed. needed.

Length of Bits Minimum 80 bits Not less than 90 bits 160 bits

Checking of Computationally Computationally Computationally

Hash Function infeasible to find y infeasible to find y!=x infeasible to find two
such that H(y) = h. with H(y) = H(x). messages, x and y, such
that Hash(x) = Hash(y).

Function It is practically It is practically impossible It is practically impossible

impossible to obtain a to obtain a different input to create a hash value
message from a hash message when we decode that indicates two distinct
code. a hash value. message inputs.

Attacks Difficult Difficult Easier

Resistance Weak Weak Strong