Top Qs
Timeline
Chat
Perspective
Hash function security summary
Publicly known attacks against cryptographic hash functions From Wikipedia, the free encyclopedia
Remove ads
This article summarizes publicly known attacks against cryptographic hash functions. Note that not all entries may be up to date. For a summary of other hash function parameters, see comparison of cryptographic hash functions.
Table color key
No attack successfully demonstrated — attack only breaks a reduced version of the hash or requires more work than the claimed security level of the hash
Attack demonstrated in theory — attack breaks all rounds and has lower complexity than security claim
Attack demonstrated in practice — complexity is low enough to be actually used
Common hash functions
Collision resistance
Chosen prefix collision attack
Preimage resistance
Length extension
- Vulnerable: MD5, SHA1, SHA256, SHA512
- Not vulnerable: SHA384, SHA-3, BLAKE2
Remove ads
Less-common hash functions
Collision resistance
Preimage resistance
Attacks on hashed passwords
Hashes described here are designed for fast computation and have roughly similar speeds.[31] Because most users typically choose short passwords formed in predictable ways, passwords can often be recovered from their hashed value if a fast hash is used. Searches on the order of 100 billion tests per second are possible with high-end graphics processors.[32][33] Special hashes called key derivation functions have been created to slow brute force searches. These include pbkdf2, bcrypt, scrypt, argon2, and balloon.
Remove ads
See also
References
External links
Wikiwand - on
Seamless Wikipedia browsing. On steroids.
Remove ads