Hash Functions

Hash function standards are published by ISO and IEC. They include the ISO/IEC 10118 series, which cover n-bit block ciphers, dedicated hash functions, modular arithmetic, and object identifiers.

ISO/IEC 10118-1:2016

Information technology - Security techniques - Hash-functions - Part 1: General

ISO/IEC 10118-1:2016 specifies hash-functions and is therefore applicable to the provision of authentication, integrity and non-repudiation services. Hash-functions map strings of bits of variable (but usually upper bounded) length to fixed-length strings of bits, using a specified algorithm. They can be used for - reducing a message to a short imprint for input to a digital signature mechanism, and - committing the user to a given string of bits without revealing this string. NOTE The hash-functions specified in ISO/IEC 10118 (all parts) do not involve the use of secret keys. However, these hash-functions may be used, in conjunction with secret keys, to build message authentication codes. Message Authentication Codes (MACs) provide data origin authentication as well as message integrity. Techniques for computing a MAC using a hash-function are specified in ISO/IEC 9797 2 [1]. ISO/IEC 10118-1:2016 contains definitions, symbols, abbreviations and requirements that are common to all the other parts of ISO/IEC 10118. The criteria used to select the algorithms specified in subsequent parts of ISO/IEC 10118 are defined in Annex B of this document.

ISO/IEC 10118-2:2010

Information technology - Security techniques - Hash-functions - Part 2: Hash-functions using an n-bit block cipher

ISO/IEC 10118-2:2010 specifies hash-functions which make use of an n -bit block cipher algorithm. They are therefore suitable for an environment in which such an algorithm is already implemented. Block ciphers are specified in ISO/IEC 18033-3. Four hash-functions are specified. The first provides hash-codes of length less than or equal to n , where n is the block-length of the algorithm used. The second provides hash-codes of length less than or equal to 2 n ; the third provides hash-codes of length equal to 2 n ; and the fourth provides hash-codes of length 3 n . All four of the hash-functions specified in ISO/IEC 10118-2:2010 conform to the general model specified in ISO/IEC 10118-1.

ISO/IEC 10118-3:2018

IT Security techniques - Hash-functions - Part 3: Dedicated hash-functions

This document specifies dedicated hash-functions, i.e. specially designed hash-functions. The hash-functions in this document are based on the iterative use of a round-function. Distinct round-functions are specified, giving rise to distinct dedicated hash-functions. The use of Dedicated Hash-Functions 1, 2 and 3 in new digital signature implementations is deprecated. NOTE As a result of their short hash-code length and/or cryptanalytic results, Dedicated Hash-Functions 1, 2 and 3 do not provide a sufficient level of collision resistance for future digital signature applications and they are therefore, only usable for legacy applications. However, for applications where collision resistance is not required, such as in hash-functions as specified in ISO/IEC 9797 2, or in key derivation functions specified in ISO/IEC 11770 6, their use is not deprecated. Numerical examples for dedicated hash-functions specified in this document are given in Annex B as additional information. For information purposes, SHA-3 extendable-output functions are specified in Annex C.

ISO/IEC 10118-4:1998

Information technology - Security techniques - Hash-functions - Part 4: Hash-functions using modular arithmetic

This part of ISO/IEC 10118 specifies two hash-functions which make use of modular arithmetic. These hash-functions, which are believed to be collision-resistant, compress messages of arbitrary but limited length to a hash-code whose length is determined by the length of the prime number used in the reduction-function defined in 7.3. Thus, the hash-code is easily scaled to the input length of any mechanism (e.g., signature algorithm, identification scheme). The hash-functions specified in this part of ISO/IEC 10118, known as MASH-1 and MASH-2 (Modular Arithmetic Secure Hash) are particularly suitable for environments in which implementations of modular arithmetic of sufficient length are already available. The two hash-functions differ only in the exponent used in the round-function.