The best review of hash function techniques is provided by Preneel [Pre93]. For a brief overview here, we note that hash functions are often divided into three classes:
- Hash functions built around block ciphers.
- Hash functions using modular arithmetic.
- Hash functions with what is termed a "dedicated" design.
By building a hash function around a block cipher, a designer aims to leverage the security of a well-trusted block cipher such as DES (see Section 3.2) to obtain a well-trusted hash function. The so-called Davies-Meyer hash function [Pre93] is an example of a hash function built around the use of DES.
The purpose of employing modular arithmetic in the second class of hash functions is to save on implementation costs. A hash function is generally used in conjunction with a digital signature algorithm which itself makes use of modular arithmetic. Unfortunately, the track record of such hash functions is not good from a security perspective and there are no hash functions in this second class that can be recommended for use today.
The hash functions in the third class, with their so-called "dedicated" design, tend to be fast, achieving a considerable advantage over algorithms that are based around the use of a block cipher. MD4 is an early example of a popular hash function with such a design. Although MD4 is no longer considered secure for most cryptographic applications, most new dedicated hash functions make use of the same design principles as MD4 in a strengthened version. Their strength varies depending on the techniques, or combinations of techniques, employed in their design. Dedicated hash functions in current use include MD5 and SHA-1 (see Questions 3.6.5 and 3.6.6), as well as RIPEMD-160 [DBP96] and HAVAL [ZPS93].