|
4 | 4 | <qhelp> |
5 | 5 | <overview> |
6 | 6 | <p> |
7 | | - Using a broken or weak cryptographic hash function can leave data |
| 7 | + A broken or weak cryptographic hash function can leave data |
8 | 8 | vulnerable, and should not be used in security related code. |
9 | 9 | </p> |
10 | 10 |
|
11 | 11 | <p> |
12 | 12 | A strong cryptographic hash function should be resistant to: |
| 13 | + <ul> |
| 14 | + <li> |
| 15 | + <b>Pre-image attacks</b>. If you know a hash value <code>h(x)</code>, |
| 16 | + you should not be able to easily find the input <code>x</code>. |
| 17 | + </li> |
| 18 | + <li> |
| 19 | + <b>Collision attacks</b>. If you know a hash value <code>h(x)</code>, |
| 20 | + you should not be able to easily find a different input |
| 21 | + <code>y</code> |
| 22 | + with the same hash value <code>h(x) = h(y)</code>. |
| 23 | + </li> |
| 24 | + <li> |
| 25 | + <b>Brute force</b>. For passwords and other data with limited |
| 26 | + input space, if you know a hash value <code>h(x)</code> |
| 27 | + you should not be able to find the input <code>x</code> even using |
| 28 | + a brute force attack (without significant computational effort). |
| 29 | + </li> |
| 30 | + </ul> |
13 | 31 | </p> |
14 | | - <ul> |
15 | | - <li> |
16 | | - <b>Pre-image attacks</b>. If you know a hash value <code>h(x)</code>, |
17 | | - you should not be able to easily find the input <code>x</code>. |
18 | | - </li> |
19 | | - <li> |
20 | | - <b>Collision attacks</b>. If you know a hash value <code>h(x)</code>, |
21 | | - you should not be able to easily find a different input |
22 | | - <code>y</code> |
23 | | - with the same hash value <code>h(x) = h(y)</code>. |
24 | | - </li> |
25 | | - <li> |
26 | | - <b>Brute force</b>. For passwords and other data with limited |
27 | | - input space, if you know a hash value <code>h(x)</code> |
28 | | - you should not be able to find the input <code>x</code> even using |
29 | | - a brute force attack (without significant computational effort). |
30 | | - </li> |
31 | | - </ul> |
32 | 32 |
|
33 | 33 | <p> |
34 | 34 | As an example, both MD5 and SHA-1 are known to be vulnerable to collision attacks. |
|
51 | 51 |
|
52 | 52 | <p> |
53 | 53 | Ensure that you use a strong, modern cryptographic hash function, such as: |
| 54 | + <ul> |
| 55 | + <li> |
| 56 | + Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space where |
| 57 | + a dictionary-like attack is feasible. |
| 58 | + </li> |
| 59 | + <li> |
| 60 | + SHA-2, or SHA-3 in other cases. |
| 61 | + </li> |
| 62 | + </ul> |
54 | 63 | </p> |
55 | 64 |
|
56 | | - <ul> |
57 | | - <li> |
58 | | - Argon2, scrypt, bcrypt, or PBKDF2 for passwords and other data with limited input space where |
59 | | - a dictionary-like attack is feasible. |
60 | | - </li> |
61 | | - <li> |
62 | | - SHA-2, or SHA-3 in other cases. |
63 | | - </li> |
64 | | - </ul> |
65 | | - |
66 | 65 | <p> |
67 | 66 | Note that special purpose algorithms, which are used to ensure that a message comes from a |
68 | 67 | particular sender, exist for message authentication. These algorithms should be used when |
|
95 | 94 | <a href="https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html"> |
96 | 95 | Transport Layer Security Cheat Sheet |
97 | 96 | </a> |
| 97 | + </li> |
| 98 | + <li> |
98 | 99 | GitHub: |
99 | 100 | <a href="https://github.com/RustCrypto/hashes?tab=readme-ov-file#rustcrypto-hashes"> |
100 | 101 | RustCrypto: Hashes |
|
103 | 104 | <a href="https://github.com/RustCrypto/password-hashes?tab=readme-ov-file#rustcrypto-password-hashes"> |
104 | 105 | RustCrypto: Password Hashes |
105 | 106 | </a> |
| 107 | + </li> |
| 108 | + <li> |
106 | 109 | The RustCrypto Book: |
107 | 110 | <a href="https://rustcrypto.org/key-derivation/hashing-password.html"> |
108 | 111 | Password Hashing |
109 | 112 | </a> |
110 | | - |
111 | 113 | </li> |
112 | 114 | </references> |
113 | 115 |
|
|
0 commit comments