A cryptographic hash function is a mathematical algorithm that maps data of arbitrary size to a bit array of a fixed size (the “hash). It is a one-way function, that is, a function that is practically infeasible to invert or reverse the computation.
Certain properties of cryptographic hash functions impact the security of password storage.
- Non-reversibility, or one-way function
A good hash should make it very hard to reconstruct the original password from the output or hash
- Diffusion, or avalanche effect
A change in just one bit of the original content will result in a change to half the bits of its hash. In other words, when the original content is changed slightly, the output of enciphered text will change significantly and unpredictably
- Collision resistance
It’s almost impossible to find two different source contents that hash to the same enciphered text
A given original content will always generate the same hash value
The hash value can not be reconstructed from the source content
We have elected to put our money and faith in a mathematical framework that is free of politics and human error.