Hash Functions in Blockchain - Security Boulevard

Hash Functions in Blockchain

Introduction to hash functions

Hash functions are one of the most extensively-used cryptographic algorithms in blockchain technology. They are cryptographic (but not encryption) algorithms that are designed to protect data integrity.

In a nutshell, a hash algorithm is a mathematical function that transforms any input into a fixed size output. To be cryptographically secure — and usable in blockchain technology — the hash function needs to be collision resistant, which means that it is difficult to find two inputs that produce the same output.

To accomplish this, a hash function needs to have the following properties:

  • One-way: It is possible to go from input to output in a hash function but not vice versa. This makes it impossible to reverse engineer a collision from the desired hash output
  • Large output space: The only way to find a hash collision is via a brute-force search. According to the Pigeonhole Principle, this requires checking as many inputs as the hash function has possible outputs. This number should be large enough to make a brute force search infeasible
  • Non-locality: In a non-local hash function, similar inputs produce very dissimilar outputs. This is important to protect against hill-climbing attacks

A hash algorithm is considered secure until it is possible to find a collision for it. Once this has occurred, it is officially deprecated, like MD5 and SHA-1.

Uses of hash functions in blockchain

Hash functions are commonly used to protect the integrity of data. Given a trusted hash of the data, it is possible to calculate the hash of the data and compare the two values. If they match, then the data has likely not been modified since the original hash was created.

The blockchain’s digital ledger is designed to store valuable information that can benefit an attacker if modified in their favor. Additionally, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/yfKH28feZFY/