I would love to understand at the most basic level what their differences are. When is each one used?
Any advantages and disadvantages?
Asked
Active
Viewed 896 times
2
-
See also [Checksum vs. Hash: Differences and Similarities?](https://security.stackexchange.com/questions/194600/checksum-vs-hash-differences-and-similarities) – Sjoerd Aug 04 '19 at 19:50
1 Answers
5
An example of a cryptographic hash function is SHA256. An example of a non-cryptographic hash function is CRC32.
A cryptographic hash could be used, for example, for a cryptographically strong Message Authentication Code (MAC, or, in practice, as a component of HMAC for key-based integrity) or as a component in an authenticated encryption (AE or AEAD) scheme. Here, the meaning of "cryptographically strong" is that the hash function satisfies certain properties such as, for example, the hash value (the output of the hash function) doesn't have any collisions that, for example, could be exploited by an attacker. For more information, the book "Introduction to Modern Cryptography" by Katz and Lindell discusses properties of cryptographic hash functions.
A non-cryptographic hash could be used, for example, as a checksum for a small amount of data if you are not worried about an attacker trying to modify it. E.g., some data stored in an EEPROM only accessed by other trusted components on a circuitboard.
hft
- 4,910
- 17
- 32
-
Probably worth pointing out that cryptographic hashes generally shouldn't be used by themselves as a MAC, but as part of a construction such as HMAC or KMAC – AndrolGenhald Aug 04 '19 at 21:37
-
1