Hashing: Crypto.Saltine.Core.Hash

The hash function hashes a message ByteString and returns a hash. Hashes are always of length hash. The shorthash function hashes a message ByteString with respect to a secret key and returns a very short hash. Short hashes are always of length shorthash.

The hash function is designed to be usable as a strong component of DSA, RSA-PSS, key derivation, hash-based message-authentication codes, hash-based ciphers, and various other common applications. Strong means that the security of these applications, when instantiated with hash, is the same as the security of the applications against generic attacks. In particular, the hash function is designed to make finding collisions difficult.

hash is currently an implementation of SHA-512. shorthash is currently an implementation of SipHash-2-4 (https://131002.net/siphash/).

There has been considerable degradation of public confidence in the security conjectures for many hash functions, including SHA-512. However, for the moment, there do not appear to be alternatives that inspire satisfactory levels of confidence. One can hope that NIST's SHA-3 competition will improve the situation.

Sodium includes an implementation of the Blake2 hash (https://blake2.net/) but since this is not standard NaCl nor was Blake2 selected to be SHA-3 the library doesn't bind it.

This is version 2010.08.30 of the hash.html web page. Information about SipHash has been added.