11. Hash Functions

Question 1

What is a cryptographic hash function?

Answer 1

A function that maps input of any size to a fixed-size output.

Question 2

What is the output of a hash function called?

Answer 2

Hash value or hash code.

Question 3

What is compression in hash functions?

Answer 3

Producing fixed-size output from variable-size input.

Question 4

What is efficiency in hash functions?

Answer 4

Hashes can be computed quickly.

Question 5

What does one-way property mean?

Answer 5

It is infeasible to invert the hash.

Question 6

What is preimage resistance?

Answer 6

Difficulty of finding x from h(x).

Question 7

What is weak collision resistance?

Answer 7

Hard to find y ≠ x with h(y)=h(x) given x.

Question 8

What is strong collision resistance?

Answer 8

Hard to find any x ≠ y with h(x)=h(y).

Question 9

Why must collisions exist?

Answer 9

Input space is larger than output space.

Question 10

What is a collision?

Answer 10

Two different inputs producing the same hash.

Question 11

Why are collisions dangerous?

Answer 11

They undermine integrity and signatures.

Question 12

What is the main use of hash functions in cryptography?

Answer 12

Digital signatures.

Question 13

Why are hashes used in signatures?

Answer 13

To avoid signing large messages directly.

Question 14

What is h(M) in digital signatures?

Answer 14

A fingerprint of message M.

Question 15

What is the avalanche effect?

Answer 15

Small input changes cause large output changes.

Question 16

Why is avalanche effect important?

Answer 16

Prevents attackers from predicting hashes.

Question 17

What advantage does signing h(M) provide?

Answer 17

Improves efficiency and saves bandwidth.

Question 18

What is the birthday paradox?

Answer 18

High probability of collisions with many samples.

Question 19

How does birthday paradox affect hashes?

Answer 19

Collisions expected after about 2^(N/2) hashes.

Question 20

What is the birthday attack?

Answer 20

Finding collisions using birthday paradox.

Question 21

How many hashes needed for collision in N-bit hash?

Answer 21

About 2^(N/2).

Question 22

How does hash security compare to symmetric keys?

Answer 22

Hash output must be about twice key length.

Question 23

What is computational cost to break N-bit hash?

Answer 23

About 2^(N/2) operations.

Question 24

What is a non-cryptographic hash?

Answer 24

A hash not designed for security.

Question 25

Why are simple hashes insecure?

Answer 25

They have short output and structure.

Question 26

Give an example of non-cryptographic hash.

Answer 26

CRC.

Question 27

What is CRC?

Answer 27

Cyclic Redundancy Check.

Question 28

What is CRC mainly used for?

Answer 28

Detecting transmission errors.

Question 29

Why is CRC unsuitable for security?

Answer 29

Collisions are easy to find.

Question 30

Where was CRC misused?

Answer 30

WEP protocol.

Question 31

What is algebraic structure in hashes?

Answer 31

Predictable mathematical patterns.

Question 32

Why is algebraic structure bad?

Answer 32

Makes collisions easy.

Question 33

What is a fingerprint in hashing?

Answer 33

A short identifier of data.

Question 34

How many bits typically change in good hash?

Answer 34

About half.

Question 35

What happens if M changes slightly?

Answer 35

h(M) changes significantly.

Question 36

What is strong avalanche effect?

Answer 36

Outputs are uncorrelated after small changes.

Question 37

Why must hashes be efficient?

Answer 37

Otherwise signing becomes expensive.

Question 38

When is a hash considered secure?

Answer 38

When no practical collisions are known.

Question 39

What trade-off exists in hash design?

Answer 39

Efficiency vs security.

Question 40

How is hash design similar to block ciphers?

Answer 40

Uses rounds and diffusion.

Question 41

What attack forces exhaustive search?

Answer 41

Good avalanche effect.

Question 42

What is exhaustive collision search?

Answer 42

Trying many inputs to find collisions.

Question 43

Name modern hash functions.

Answer 43

SHA-256, MD6.

Question 44

What security property supports integrity?

Answer 44

Collision resistance.

Question 45

What property supports password storage?

Answer 45

One-way property.

Question 46

Why are hash outputs fixed length?

Answer 46

For compression and comparison.

Question 47

What is the main lesson of birthday attacks?

Answer 47

Longer hashes are needed for security.

Question 48

What is the bottom-line rule for hash size?

Answer 48

Output should be about twice key size.

Question 49

What role do hashes play in authentication?

Answer 49

Verify data integrity and origin.

Question 50

What happens if collisions are easy?

Answer 50

Signatures and integrity fail.