Hash function security summary
This article summarizes publicly known attacks against cryptographic hash functions. Note that not all entries may be up to date.
| Algorithm is safe |
| Theoretical break |
| Attack demonstrated in practice |
Common hash functions
Collision resistance
| Hash function | Security claim | Best attack | Publishing date |
|---|---|---|---|
| MD5 | 264 | 224.1 time | 2007 June[1] |
| SHA-1 | 280 | 263 | 2005-08-17[2][3] |
| SHA256 | 2128 | 24 of 64 rounds (228.5) | 2008-11-25[4] |
| SHA512 | 2256 | 24 of 80 rounds (232.5) | 2008-11-25[4] |
Preimage resistance
| Hash function | Security claim | Best attack | Publishing date |
|---|---|---|---|
| MD5 | 2128 | 2123.4 | 2009-04-16[5] |
| SHA-1 | 2160 | ||
| SHA256 | 2128 | 41 of 64 rounds | 2008-11-25[6] |
| SHA512 | 2256 | 46 of 80 rounds | 2008-11-25[6] |
See also
References
- ^ M.M.J. Stevens (June 2007). "On Collisions for MD5" (PDF).
{{cite journal}}: Cite journal requires|journal=(help) - ^ Xiaoyun Wang, Yiquin Lisa Yin, Hongobo Yu. "Finding Collisions in the Full SHA-1" (PDF).
{{cite journal}}: Cite journal requires|journal=(help)CS1 maint: multiple names: authors list (link) - ^ Bruce Schneier (2005-08-17). "New Cryptanalytic Results Against SHA-1".
- ^ a b Somitra Kumar Sanadhya, Palash Sarkar (2008-11-25). "New Collision Attacks against Up to 24-Step SHA-2".
{{cite journal}}: Cite journal requires|journal=(help) - ^ Yu Sasaki, Kazumaro Aoki (2009-04-16). "Finding Preimages in Full MD5 Faster Than Exhaustive Search". Springer Berlin Heidelberg.
{{cite journal}}: Cite journal requires|journal=(help) - ^ a b Yu Sasaki, Lei Wang, and Kazumaro Aoki. "Preimage Attacks on 41-Step SHA-256 and 46-Step SHA-512" (PDF).
{{cite journal}}: Cite journal requires|journal=(help)CS1 maint: multiple names: authors list (link)