A hash function or function is a function in computer science that converts input from a wide domain of values ​​into a (usually) smaller range, usually a subset of the integers. It is a form of pseudonimization. The word hash comes from English and means chopping.

Hash features are used in hash tables, cryptography and data processing. A good hash function is one that causes few collisions in the domain with which it works, that is, there is little chance that two different input values ​​will give the same output.

Formally, this means that a good hash function H has the property that follows from H (x) = H (y) that it is very likely that x = y.

An example of this is the SHA family of features. Cryptographic hash

For a cryptographic hash function, it does not only mean that for two coincidental values ​​x and y it is highly unlikely that H (x) = H (y), but also that someone who deliberately searches for such values ​​they will not be able to find . A cryptographic safe hash code has the properties that it is not possible to find out which block data is derived from the particular code and that it is impossible to create two different blocks of data that have the same hash code. As a result, a cryptographic safe hashcode has the characteristics of a digital fingerprint.

Examples of cryptographic hash algorithms are MD5 and the SHA family of hash features. However, MD5 is no longer considered cryptographically safe today. For SHA-1, a theoretical attack is known, so it is also discouraged. Hashing of passwords

For a computer login, a name and password are often required. These passwords are often stored encrypted so that passwords are not known if the passwords file is read by an unauthorized person. This is done by means of a hashing algorithm, which makes it impossible to decrypt the encrypted data. This is also not necessary, as it is sufficient to verify that the user has entered the correct password. However, when encrypting passwords, it is unsafe to use general hash algorithms, and should use special hash algorithms for passwords such as bcrypt, scrypt, or PBKDF. The reason is that normal hash algorithms are designed to be calculated as quickly as possible. In the case of passwords, this is undesirable because it makes it possible for someone who has got the password's hash codes to find out which hash code from which password is derived.

The length and complexity of passwords that people use in practice is limited, while computers are getting faster. This makes it easier for anyone who tries to crack hashcodes for passwords, making it easier for a computer to try out a lot of options. Hash algorithms for passwords block this method by setting these algorithms how much computing time they should cost. The algorithms are then set such that their computing costs for example one millisecond, while calculating a hash code with a common hash algorithm may cost less than one microsecond. When checking a password, it is usually not a problem if it costs a millisecond instead of a microsecond, while someone who wants to crack the hashcodes must do more than a thousand times as much computing, and therefore more than a thousand times longer . Also see

wiki