RIPEMD
| General | |
|---|---|
| Designers | Hans Dobbertin, and Bart Preneel |
| First published | 1992 |
| Certification | RIPEMD-160: CRYPTREC (Monitored) |
| Detail | |
| Digest sizes | 128, 160, 256, 320 bits |
RIPEMD (RIPE Message Digest) is a family of cryptographic hash functions developed in 1992 (the original RIPEMD) and 1996 (other variants). There are five functions in the family: RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320, of which RIPEMD-160 is the most common.
The original RIPEMD, as well as RIPEMD-128, is not considered secure because 128-bit result is too small and also (for the original RIPEMD) because of design weaknesses. The 256- and 320-bit versions of RIPEMD provide the same level of security as RIPEMD-128 and RIPEMD-160, respectively; they are designed for applications where the security level is sufficient but longer hash result is necessary.
While RIPEMD functions are less popular than SHA-1 and SHA-2, they are used, among others, in Bitcoin and other cryptocurrencies based on Bitcoin.
History[]
The original RIPEMD function was designed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation) in 1992.[1][2] Its design was based on the MD4 hash function. In 1996, in response to security weaknesses found in the original RIPEMD,[3] Hans Dobbertin, and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven in Leuven, Belgium published four strengthened variants: RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320.[4]
In August 2004, a collision was reported for the original RIPEMD.[5] This does not apply to RIPEMD-160.[6]
RIPEMD-160 hashes[]
The 160-bit RIPEMD-160 hashes (also termed RIPE message digests) are typically represented as 40-digit hexadecimal numbers. The following demonstrates a 43-byte ASCII input and the corresponding RIPEMD-160 hash:
RIPEMD-160("The quick brown fox jumps over the lazy dog") =
37f332f68db77bd9d7edd4969571ad671cf9dd3b
RIPEMD-160 behaves with the desired avalanche effect of cryptographic hash functions (small changes, e.g. changing d to c, result in a completely different hash):
RIPEMD-160("The quick brown fox jumps over the lazy cog") =
132072df690933835eb8b6ad0b77e7b6f14acad7
The hash of a zero-length string is:
RIPEMD-160("") =
9c1185a5c5e9fc54612808977ee8f548b2258d31
Implementations[]
Below is a list of cryptography libraries that support RIPEMD (specifically RIPEMD-160):
See also[]
- Hash function security summary
- Comparison of cryptographic hash functions
- Comparison of cryptography libraries
- Topics in cryptography
References[]
- ^ Dobbertin, Hans; Bosselaers, Antoon; Preneel, Bart (21–23 February 1996). RIPEMD-160: A strengthened version of RIPEMD (PDF). Fast Software Encryption. Third International Workshop. Cambridge, UK. pp. 71–82. doi:10.1007/3-540-60865-6_44.
- ^ Bosselaers, Antoon; Preneel, Bart (1995). Bosselaers, Antoon; Preneel, Bart (eds.). Integrity Primitives for Secure Information Systems. Final Report of RACE Integrity Primitives Evaluation (RIPE-RACE 1040). Lecture Notes in Computer Science. Vol. 1007. doi:10.1007/3-540-60640-8. ISBN 978-3-540-60640-6. S2CID 12895857.
- ^ Dobbertin, Hans (December 1997). "RIPEMD with two-round compress function is not collision-free". Journal of Cryptology. 10 (1): 51–69. doi:10.1007/s001459900019. S2CID 15662054.
- ^ Bosselaers, Antoon. "The hash function RIPEMD-160".
- ^ Wang, Xiaoyun; Feng, Dengguo; Lai, Xuejia; Yu, Hongbo (2004-08-17). "Collisions Hash Functions MD4 MD5 RIPEMD HAVAL". Cryptology ePrint Archive. Retrieved 2017-03-03.
- ^ Mendel, Florian; Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). On the Collision Resistance of RIPEMD-160. Lecture Notes in Computer Science. Vol. 4176. pp. 101–116. doi:10.1007/11836810_8. ISBN 978-3-540-38341-3. Retrieved 2017-03-03.
External links[]
- Cryptographic hash functions