2

If SHA-1 was tried on each and every possible 160-bit string, could it happen that it produces a hash twice, i.e. could it happen that it wont produce a certain hash? In other words, for every 160-bit string, does SHA-1 produce exactly one hash?

Ecir Hana
  • 10,864
  • 13
  • 67
  • 117
  • 1
    Is it possible for two different values to result in the same SHA-1 hash value? Yes. It's extremely *unlikely* ... but possible: https://security.stackexchange.com/questions/19705/is-sha1-better-than-md5-only-because-it-generates-a-hash-of-160-bits – FoggyDay Mar 19 '20 at 22:16
  • 1
    See birthday paradox and birthday attack on hash functions. A hash function with n-bit output has an expected collision after 2^{n/2} different hashes with 50% probability. – kelalaka Mar 19 '20 at 22:21
  • @FoggyDay Today that question should be asked on crypto.stackexchange.com, where you will find a question and answers [here](https://crypto.stackexchange.com/q/48601/1172). Note that the answers are a bit outdated as they predate the SHAttered attack. However, that attack require a specific form of input that is controlled by the entity that produce the hash collision and therefore this attack is not applicable for such a small input size. – Maarten Bodewes Mar 19 '20 at 23:04
  • 1
    I'm voting to close this question as off-topic because not a programming question, and already answered on crypto.SE & security.SE. – Maarten Bodewes Mar 19 '20 at 23:06
  • 1
    @kelalaka I think one of the comments (from Paul) noted 37% at crypto.SE link that I posted. – Maarten Bodewes Mar 19 '20 at 23:07
  • 1
    You're asking if SHA-1 is a permutation on 160-bit inputs. It is not, but I'm not sure that has been proven yet. Cryptographic hash functions tend to behave like random functions, SHA-1 is no exception. Thus expect about 37% of outputs to not be reached, about 37% to have exactly one pre-image, about 18% to have exactly 2 pre-images, etc. – President James K. Polk Mar 20 '20 at 00:53
  • @PresidentJamesMoveonPolk If you post the comment as a answer, I'll accept it. Thanks. – Ecir Hana Mar 21 '20 at 08:37

0 Answers0