donau

hash.tex (1623B)

---

 \section{Hash Functions}\label{hash}
 Hash functions are used to compress input values to a fixed output size.
 They are deterministic. The same input leads to the same output. The Donau
 uses hash functions to compress data in order to record less data in the
 database or to send less data over the network.
 
 An important property of a hash functions is preimage and second
 preimage resistance. Second preimage resistance prevents an attacker from
 finding a different input that produces the same hash value as a
 given input, which is crucial for maintaining data integrity and security in
 applications like digital signatures and file verification which are used in
 the Donau.
 
 With second-preimage resistance no equivalent hash for any input $x'$ to a
 given hash $h(x)$ with $x \neq x'$ can be found in a reasonable time.
 Collision resistance is the stronger assumption and even prevents to find
 $h(x) = h(x')$ with $x \neq x'$. A further important
 assumption is the Avalanche Criterion. The property defines that a small change
 in the hash input message leads to a substantial change in the output hash.
 This criteria makes it hard to guess the input even if a part of the input is
 known.\cite{hash2012} To protect the donor, their identity is represented as a
 salted hash of the tax identification number. The salt is a small high entropy
 value, to make it more difficult to guess the hashed value.
 
 The Donau uses the SHA-512 hash function. SHA-512 is part of the SHA-2 family
 and provides a 256 bit security level for collision resistance. The security of
 the hash function is mathematically approved.\cite{hash-nist}