1

Say I have two values $x$ and $y$ of slightly different lengths. They can be passwords or keys or any other critical value, and I want to deterministically map them to two values of the same length.

Would using a secure hash function to achieve that purpose introduce any weakness into the system? We can assume the the output length of the hash function is not too small compared to the original inputs (e.g. the original inputs are not files worth MBs but simple strings of at most a few hundred bits).

Additionally, how does this compare to simply padding one of the inputs with zeros?

hex
  • 111
  • 2
  • 3
    Welcome to cryptography.SE. What is the system, what are the risks on the system?What is the entropy of the inputs? How they are generated, is there a relation between them? If we only consider the pre-image resistance of the Hash function to your title question then use SHA-512, SHA3-512 etc. However, what is the input space? Short input space can be problematic for hashing and what is the output size that you want to use from hash function.... – kelalaka Nov 15 '21 at 12:33
  • 2
    For a wide-enough (32 bytes or more) cryptographic and unbroken hash, I don't see that replacing inputs by their hash can worsen a system. But the problem is under-specified, because "critical input" does not tell what's critical in the inputs: secrecy? that they are not altered? not replayed? that they come from an identified source? – fgrieu Nov 15 '21 at 13:13
  • 2
    This is the problem with short inputs for the security of the hash functions (pre-image). – kelalaka Nov 15 '21 at 13:24

0 Answers0