[Cryptographic Algorithms] Security Strength of Cryptographic Hash Algorithms
Hash (Hash) Algorithm Security Strength—【Su Xiaomu】
Article directory
(1) Security Strength
Security Strength (Security Strength): Characterizes the workload required to break a cryptographic algorithm or system, the unit is bit .
Significance: The security strength of an algorithm is x bits, which means that the amount of calculation required to break it is at most 2ᕽ times .
Security strength ≠ key length , also depends on many factors: algorithm, parameter scale (key, group length, etc.), purpose, existing attack methods...
(2) Security strength and comparison of hash algorithms
Algorithms with less than 80 bit security strength have been banned.
After 2030, the 112-bit security strength no longer meets the requirements, and its use will be prohibited or restricted.
| cryptographic hash algorithm | Construction method | Output length (bits) | Packet length (bits) | Security strength (bits) | |
| MD5 | MD structure | 128 | 512 | (≤80) Collision found | |
| SHA-1 | 160 | 512 | (≤80) Collision found | ||
| SHA-2 | SHA-224 | 224 | 512 | 112 | |
| SHA-256 | 256 | 128 | |||
| SHA-384 | 384 | 1024 | 192 | ||
| SHA-512 | 512 | 256 | |||
| SHA-3 | SHA3-224 | sponge structure | 224 | 1152 | 112 |
| SHA3-256 | 256 | 1088 | 128 | ||
| SHA3-384 | 384 | 832 | 192 | ||
| SHA3-512 | 512 | 576 | 256 | ||
| SHAKE128 | Any length(d) | 1344 | min(d/2,128) | ||
| SHAKE256 | Any length(d) | 1088 | min(d/2,256) | ||
| SM3 | MD structure | 256 | 512 | 128 | |
Summarize
The writing is one-sided and is purely for record keeping. Any errors or omissions are welcome to be corrected.
[ The ownership of the work belongs to the author Su Xiaomu , please indicate the source of the article when reprinting ]
| name | time |
|---|---|
| Start editing date | April 19, 2023 |
| Last edited date | April 19, 2023 |