Does combining those two different cryptographic hash functions in HMAC, when each hashes the same data separately, then saved together, guarantee zero possibily of a collision simultaneously or is the assumption false and the possibility is not equal zero even in theory?
Asked
Active
Viewed 1,619 times
2 Answers
13
There is no way to guarantee a hash function (or combination of hash functions) is free of collisions. This is due to the pigeonhole principle. As long as the input is larger than the output hash, some inputs will need to result in the same hash. There's no way to get around this.
Note that both SHA-512 and SHA3-512 are secure hash functions and there is no known way to generate collisions for them more efficiently than provided by the birthday paradox.
forest
- 15,626
- 2
- 49
- 103
7
is the assumption false and the possibility is not equal zero even in theory?
It is known to be false; it is easy to show that there must exist two different images that both hash to a common value $X$ for SHA-512 and and both hash to a common value $Y$ for SHA-3-512, for some 512 bit values $X, Y$. In fact, we can show that there exists such a pair both with lengths no more than 1024 bits (128 bytes).
Now, finding such a pair, that's a bit trickier...
poncho
- 154,064
- 12
- 239
- 382