Is there a difference between PRF and a hash function?
For example: Creation of a secret key is using PRF and creating a secret key is using hash function.
Asked
Active
Viewed 6,239 times
14
-
You should not be using a PRF to create secret keys. You should be using an RNG or CSPRNG, which may be built out of a PRG. – Stephen Touset May 01 '14 at 20:24
-
In the first phase of IKE protocol, the pseudo-random function is used to generate the secret keys. – user13342 May 01 '14 at 22:21
1 Answers
11
No, the two primitives are definitely not the same.
A pseudorandom function is a keyed function that is (computationally) indistinguishable from a function chosen at random from all functions with matching domain and range as long as the key remains secret.
On the other hand, a cryptographic hash function is a function with either a publicly known key (in theory) or no key at all (in practice) that is compressing and collision resistant. That means, it maps long inputs to outputs of a fixed length and it is hard to find two inputs that map to the same output.
Maeher
- 6,818
- 1
- 33
- 44
-
i thought hash functions resemble to a random oracle (in theory), why would they have a public key in theory? – Subhayan May 02 '14 at 23:28
-
1No, hash functions are only modeled as random oracles for proofs in the random oracle model. If we work in the standard model, a hash function is only assumed to be collision resistant. The key of a hash function stems from a technicality of defining collision resistance. The problem is that it is (almost) impossible to define collision resistance for a single function. Therefore collision resistance is defined for a function family, and the key is required to select a member of that family. – Maeher May 03 '14 at 08:20