If a hash function like Whirlpool or Sha512 would take a byte array of 1 MB in size filled with the output of a Secure RNG as its input message, would this be considered a strong input message, a strong key, or neither ?
Asked
Active
Viewed 233 times
2 Answers
0
Neither.
There is no such a thing as a strong input message to a secure hash function.
Hash functions don't take a key as input. Keys could be used as input to a KBKDF such as HKDF to derive additional keys key secrets. Those algorithms are often build from hashes though.
The output of a secure random bit generator doesn't need to be hashed to be secure. Many PRNGs / DRBGs are actually build from secure hash functions. Adding a single hash won't help.
Maarten Bodewes
- 96,351
- 14
- 169
- 323
0
To answer the motivating question that the original poster asked in a comment:
If you have a secure RNG, you can use that to pick indices into an array of words to select a sequence of words for a passphrase. For $d$ words in your dictionary, pick $n$ words so that $d^n > 2^{128}$, and you'll have a good passphrase generator. E.g., for $d = 2000$ (say, a dictionary of two thousand common memorable and pairwise distinct French words), a twelve-word passphrase is a good size. If the RNG produces bits rather than integers, use rejection sampling to avoid modulo bias. The secure RNG itself might be built out of SHA-512 (probably not Whirlpool, which is not widely used), but you don't need to feed the RNG output through it afterward.
Squeamish Ossifrage
- 49,816
- 3
- 122
- 230