Niko Gamulin
Niko Gamulin

Reputation: 66565

How to create a hash function to mask confidential informations?

In the current project I would like to create my own hash function but so far haven't gained much theoretical background on hashing principle.

I would be very thankful if anyone of you could suggest any useful resource about the theory of hashing, cryptography and practical implementations of hash functions.

Thank you!

P.S. As hashing blocks of informations in this case is a part of larger research project I would like to create a hash function on my own and this way learn the principle rather than use the existing libraries. The informations I am working on will stay in house so there is no need to worry about the possible attacks.

Upvotes: 2

Views: 4163

Answers (4)

Joe White
Joe White

Reputation: 97778

  1. Don't. Existing encryption and hashing algorithms (as pointed out in the comments above, they have little to do with each other) have been designed by experts and extensively peer-reviewed. Anything you write from scratch will suck in comparison. Guaranteed. Really. The only thing you'll gain is a false sense of security -- your algorithm won't be peer-reviewed, so you'll think it's more secure than it actually is.

  2. But if you do want to know more about the theory (and gain an appreciation for why you shouldn't do it yourself), read "Applied Cryptography" by Bruce Schneier. You won't find a better resource.

Brush up on your math first.

Upvotes: 10

Gavriel Feria
Gavriel Feria

Reputation: 419

Like the others said, do not make a new kind of hash (the code will get complicated and you might as well reinvent SHA1 or MD5.) Study cryptography first. But if you are willing to, look at existing hashes (most are based on another). Or you can look at the hash model. The hash model looks like:

  1. A mixing stage (mix up the contents and modify)
  2. A combining stage (combine the data in the mixing stage with the initial state [the original hash])

Or maybe start with something simple and build up from it (to make a secure hash).

Upvotes: 0

erickson
erickson

Reputation: 269797

First of all, if you use the right terminology, you'll be better able to find helpful resources.

"Encryption" is performed with ciphers, not cryptographic hash functions. You'll never find a reliable reference that mentions a hash as an "encryption function". So, if you are trying to learn about hashes, leave "encryption" out.

Another term for "cryptographic hash" is "message digest," so keep that in mind as you search.

Many chapters of an excellent book, The Handbook of Applied Cryptography are available for free online. Especially check out Chapter 9, "Hash Functions and Data Integrity."

Upvotes: 3

Jeff LaFay
Jeff LaFay

Reputation: 13350

Instead of writing your own hashing function have you considered using a standard hashing function from a library and then salting the data you're hashing? That is common practice and ensures that anyone with software that decrypts data with standard encryption functions doesn't intercept your data and decipher it.

Upvotes: 0

Related Questions