[Cryptography] SHA-256 decrypted (8 rounds)

McDair mcdair at protonmail.com
Tue Apr 2 11:27:10 EDT 2024



> On 28/03/2024 10:38, McDair via cryptography wrote:
> 
> > When you are using the SHA-256 hash function to protect your secret (what you have done here yourself, or in case of password hashing, bitcoin, ...), you are now using the hash function as an encryption tool.
> 
> 
> But you aren't using the hash to protect the secret.
> 
> Not just here, but ever.
> 
> I tried to find or think up a use case where a hash was used to protect
> a secret, but I couldn't (assuming if cryptographic material is part of
> the preimage it is the cryptographic material which protects the secret,
> not the hash).
> 
> (e.g. Alice hashes [key][counter][bit] for every bit of her message. Bob,
> knowing the key and counter values, hashes [key][counter][0] and then
> [key][counter][1] and tries to find a match. If he does he gets one bit
> of the message, rinse and repeat for the rest of the bits)
> 
> > It is also common terminology in such cases to refer to the hash function input message as 'key'.
> 
> 
> No, it most certainly isn't. The correct term is image, or preimage.
> 
> 
> I note that the Wikipedia article on hash functions uses "key", but that
> is so full of other errors that I might have to rewrite it completely.
> Someone ought to.
> 
> The hash table entry is pretty bad too. In hash tables there are
> instances where you might call the image a (non-cryptographic) key, but
> they use it in other instances where the use of key is wrong.
> 
> 
> 
> 
> 
> Common terminology helps us to understand each other, whether it is
> warranted or not.
> 
> Inability or worse refusal to use it correctly implies you don't want us
> to understand you.
> 
> And also if you don't use it, people won't bother to read what you say.
> There are a lot of new papers to read every day, most of which are
> uninteresting or wrong, and if your potential readers find
> you don't use the common terminology they will assume you probably don't
> know what you are talking about.
> 
> You can make up new word usages when doing something new, but not
> otherwise. And preimage searching isn't new.
> 
> 
> Peter Fairbrother
> 
> 
> 
> 
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> https://www.metzdowd.com/mailman/listinfo/cryptography


Allow me to provide the broader context:

> > In code, I found 'Encrypt' and 'Decrypt' clearer counterparts than
> > 'Hash' and 'FindPreImage' or something like that. Especially for
> > subroutines.
> > Also 'Encryption' is a general term wrt cryptography/cryptology.



The reason I used this terminology was mainly from a code development point of view, however enthusiastically conveyed outside of this scope.

It is fair to say it might be confusing within the scope of a cryptographic hash function, although applicable in a broader sense.


To clarify:

As mentioned before, encryption in its most general meaning is about protecting secrets. In this context it is not function-type specific.


Here is an example:

Let's say you manage a web application's login credentials, and want to make sure your users' actual passwords will not be exposed in case your server/database gets compromised.

You will be thinking of ways to *encrypt* this data, render it unreadable for an attacker. At this point it is function agnostic.

It is perfectly fine to ultimately choose to use a cryptographic hash function to this end.



McDair
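
Added example, not part of either message: the bit-at-a-time construction from the quoted parenthetical above ([key][counter][bit] hashed once per message bit), written out in Python. The fixed-width counter encoding, the function names and the sample key are assumptions made here; the empty-key case shows that without a secret key anyone can run Bob's search.

```python
import hashlib
from typing import List, Optional


def tag(key: bytes, counter: int, bit: int) -> bytes:
    # SHA-256 over [key][counter][bit]. The counter is encoded as 8 bytes
    # (an assumption of this example) so field boundaries are unambiguous.
    return hashlib.sha256(key + counter.to_bytes(8, "big") + bytes([bit])).digest()


def alice_encode(key: bytes, message: bytes) -> List[bytes]:
    # One digest per message bit, most significant bit first.
    tags = []
    for i in range(len(message) * 8):
        bit = (message[i // 8] >> (7 - i % 8)) & 1
        tags.append(tag(key, i, bit))
    return tags


def bob_decode(key: bytes, tags: List[bytes]) -> Optional[bytes]:
    # For each position, hash both candidate bits and look for a match.
    # Returns None as soon as neither candidate matches (wrong key or
    # tampered digest).
    out = bytearray((len(tags) + 7) // 8)
    for i, t in enumerate(tags):
        if t == tag(key, i, 1):
            out[i // 8] |= 1 << (7 - i % 8)
        elif t != tag(key, i, 0):
            return None
    return bytes(out)


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed sample value
    msg = b"hi"                     # constructed sample message
    sent = alice_encode(key, msg)
    print("holder of the key:", bob_decode(key, sent))
    print("wrong key        :", bob_decode(b"guess", sent))
    # With no secret in the preimage, the two-candidate search is open to
    # everyone: the hash alone hides nothing about a 1-bit input.
    print("empty key        :", bob_decode(b"", alice_encode(b"", msg)))
```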


