One-Way Hash Primitives
Hash functions are used in cryptography with digital signatures and for ensuring data integrity.
When used with digital signatures, a publicly available hash function hashes the message and signs the resulting hash value. The party who receives the message can then hash the message and check if the block size is authentic for the given hash value.
Hash functions are also referred to as “message digests” and “one-way encryption functions”. Both terms are appropriate since hash algorithms do not have a key like symmetric and asymmetric algorithms and you can recover neither the length nor the contents of the plaintext message from the ciphertext.
To ensure data integrity, hash functions are used to compute the hash value that corresponds to a particular input. Then, if necessary, you can check if the input data has remained unmodified; you can re-compute the hash value again using the available input and compare it to the original hash value.
The
Hash Functions section describes functions that implement the following hash algorithms for streaming messages: MD5 [RFC 1321], SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 [FIPS PUB 180-2]
, and SM3 [SM3]
. These algorithms are widely used in enterprise applications nowadays.
Subsequent sections describe
Hash Functions for Non-Streaming Messages, which apply hash algorithms to entire (non-streaming) messages, and
Mask Generation Functions, whose algorithms are often based on hash computations.
Additionally, Intel® Integrated Performance Primitives (Intel® IPP) Cryptography supports two relatively new variants of SHA-512, the so called SHA-512/224 and SHA-512/256 algorithms. Both employ much of the basic SHA-512 algorithm but have some specifics. Intel IPP Cryptography does not provide a separate API exactly targeting SHA-512/224 and SHA-512/256. To enable SHA-512/224 and SHA-512/256, Intel IPP Cryptography declares extensions of the Hash Functions,
Hash Functions for Non-Streaming Messages,
Mask Generation Functions, and
Keyed Hash Functions. These extensions use the
IppHashAlgId
enumerator associated with a particular hash algorithm as shown in the table below.
Value of
IppHashAlgId | Associated Hash Algorithm
|
|---|---|
ippHashAlg_SHA1 | SHA-1
|
ippHashAlg_SHA224 | SHA-224
|
ippHashAlg_SHA256 | SHA-256
|
ippHashAlg_SHA384 | SHA-384
|
ippHashAlg_SHA512 | SHA-512
|
ippHashAlg_SHA512_224 | SHA-512/224
|
ippHashAlg_SHA512_256 | SHA-512/256
|
ippHashAlg_MD5 | MD5
|
ippHashAlg_SM3 | SM3
|
Reduced Memory Footprint Functions
When your application uses the
IppHashAlgId
enumerator, it gets linked to all available hashing algorithm implementations. This results in unnecessary memory overhead if the application does not need all the algorithms. Intel IPP Cryptography includes a number of
reduced memory footprint
functions that allow you to select the exact hashing methods for your application's needs. These functions have the
_rmf
suffix in their names and use pointers to
IppsHashMethod
structure variables instead of
IppHashAlgId
values. To get a pointer to a
IppsHashMethod
structure variable, call an appropriate function from the table below. See
HashMethod
for the syntax.
Functions that have the
_TT
suffix in their names return pointers to dynamically dispatched
IppsHashMethod
structures. These structures check for support of the SHA-NI instruction set at run time and choose the implementation of an algorithm depending on the outcome of the check. Using such
IppsHashMethod
structures leads to a slightly larger memory footprint compared to applications that use non-dynamically dispatched
IppsHashMethod
structures.
Function name
| Returns pointer to implementation of
|
|---|---|
ippsHashMethod_SHA1 | SHA1 (without the SHA-NI instruction set)
|
ippsHashMethod_SHA1_NI | SHA1 (using the SHA-NI instruction set)
|
ippsHashMethod_SHA1_TT | SHA1 (using the SHA-NI instructions set if it is available at run time)
|
ippsHashMethod_SHA256 | SHA256 (without the SHA-NI instruction set)
|
ippsHashMethod_SHA256_NI | SHA256 (using the SHA-NI instruction set)
|
ippsHashMethod_SHA256_TT | SHA256 (using the SHA-NI instructions set if it is available at run time)
|
ippsHashMethod_SHA224 | SHA224 (without the SHA-NI instruction set)
|
ippsHashMethod_SHA224_NI | SHA224 (using the SHA-NI instruction set)
|
ippsHashMethod_SHA224_TT | SHA224 (using the SHA-NI instructions set if it is available at run time)
|
ippsHashMethod_SHA384 | SHA384
|
ippsHashMethod_SHA512 | SHA512
|
ippsHashMethod_SHA512_256 | SHA512-256
|
ippsHashMethod_SHA512_224 | SHA512-224
|
ippsHashMethod_MD5 | MD5
|
ippsHashMethod_SM3 | SM3
|
The crypto community does not consider SHA-1 or MD5 algorithms secure anymore.
Recommendation: use a more secure hash algorithm (for example, any algorithm from the SHA-2 family) instead of SHA-1 or MD5.