Module tari_crypto::hashing


The Hashing API

A brief justification for this API

The use of hash functions in cryptographic protocols typically assumes and requires that these functions be randomly and independently sampled from an idealized set of all such functions, and have no meaningful correlations to others.

In reality, there are a limited number of modern cryptographic hash functions in common use: the SHA-2 family, the SHA-3 family, Blake2b/s, Blake3, and so on. To use a single hash function for producing a sampling of multiple independent hash functions, it’s common to employ domain separation.

This approach must be implemented carefully to be secure, but here’s an example. If we want to use a single high-quality cryptographic hash function D to produce independent hash functions D_1 and D_2, we give each a unique and meaningful label. We can then define the hash of some message msg under each of our new hash functions:

D_1(msg) = D("label for D_1", msg)
D_2(msg) = D("label for D_2", msg)

Provided the method used for including the label and message in D is secure (simple concatenation, for example, is not sufficient), D_1 and D_2 behave as independent high-quality cryptographic hash functions, and generally retain the useful properties of D.
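
The boundary problem behind the parenthetical above, as an added example (not code from tari_crypto): with plain concatenation, two different (label, message) pairs can hand D identical input bytes, while length-prefixing each part keeps the encoding injective. The 64-bit little-endian length prefix, the function names and the sample strings are assumptions made for illustration, not the crate's actual encoding.

```rust
// Added illustration of the bytes handed to the underlying hash D.
// Nothing here is tari_crypto's API or its real encoding.

/// Naive input: label || msg. The boundary between the two parts is lost.
fn naive_input(label: &[u8], msg: &[u8]) -> Vec<u8> {
    [label, msg].concat()
}

/// Framed input: each part is preceded by its length as a u64 (little-endian).
fn framed_input(label: &[u8], msg: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(16 + label.len() + msg.len());
    for part in [label, msg] {
        out.extend_from_slice(&(part.len() as u64).to_le_bytes());
        out.extend_from_slice(part);
    }
    out
}

/// Recover (label, msg) from a framed input; None if it is malformed.
/// A unique decoding is what makes the framed encoding injective.
fn parse_framed(input: &[u8]) -> Option<(Vec<u8>, Vec<u8>)> {
    let mut rest = input;
    let mut parts: Vec<Vec<u8>> = Vec::new();
    for _ in 0..2 {
        if rest.len() < 8 {
            return None;
        }
        let (len_bytes, tail) = rest.split_at(8);
        let mut len_buf = [0u8; 8];
        len_buf.copy_from_slice(len_bytes);
        let len = u64::from_le_bytes(len_buf) as usize;
        if tail.len() < len {
            return None;
        }
        let (part, tail) = tail.split_at(len);
        parts.push(part.to_vec());
        rest = tail;
    }
    if !rest.is_empty() {
        return None; // trailing bytes: not a valid two-part encoding
    }
    let msg = parts.pop()?;
    let label = parts.pop()?;
    Some((label, msg))
}

fn main() {
    // Constructed sample pairs: different labels and messages, same concatenation.
    let (a, b) = ((&b"wallet.key"[..], &b"derive:1"[..]), (&b"wallet."[..], &b"keyderive:1"[..]));
    println!("naive inputs equal:  {}", naive_input(a.0, a.1) == naive_input(b.0, b.1));
    println!("framed inputs equal: {}", framed_input(a.0, a.1) == framed_input(b.0, b.1));
}
```

Identical input bytes give identical digests whatever D is, so the naive form lets one label's hash stand in for another's; the framed form rules that out at the encoding step.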

Structs

  • A hash value, guaranteed, as far as possible, to have been created using a hash function that has been randomly and independently sampled from an idealized set of hash functions.
  • A wrapper for hash digest algorithms that produces DomainSeparatedHash instances.
  • A domain separated MAC using a simple approach to code derivation.
  • A domain separation tag for use in MAC derivation algorithms.

Traits

  • Convert a finalized hash into a fixed size buffer.
  • DerivedKeyDomain is a trait that allows one to safely and easily derive secondary keys from a primary key.
  • The DomainSeparation trait is used to inject domain separation tags into the DomainSeparatedHasher in a way that can be applied consistently, but without hard-coding anything into the hasher itself.
  • A marker trait for Digest algorithms that are not susceptible to length-extension attacks.

Functions