NEWTON

NEWTON


Popular tags

    What hashing functions are available in Cairo? How are they secure?

    Asked

    5 months ago

    85

    views


    0

    Hey guys, I'm wondering:

    • What hashing functions are available now with Cairo?
    • What are the advantages/disadvantages of each, like computation, security?

    So far I know some:

    • keccak
    • Pedersen hash, which can be used to hash chain, here
    • sha256 extension of the starkware implementation which can Computes SHA256 of 'input'. Inputs of arbitrary length are supported.

    Happy hashing :)

      cairostarknethashpedersensha256keccaksecurity

    trangnv

    asked

    5 months ago


    2 answers

    1

    Accepted answer

    I'm no cryptographer, but AFAIK, these are the ones available at this moment. In general, Poseidon and Pedersen are the fastest and most commonly used in ZK applications.

    As a rule of thumb, go with implementations made by Starkware or at least vetted by them, after all they are great mathematicians, and who knows Cairo better than them?!

    Keccak I believe was implemented for EVM compatibility, as it's the most used one there. Pedersen seems to be the most common one alongside Poseidon for ZK, and well you can never go wrong with SHA256, although seems to be a bit slower to use with ZK.

    You should try and implement them all in a Cairo program and see how many steps they use, for instance using Pedersen:

    func main{pedersen_ptr: HashBuiltin*}() { let (res) = hash2{hash_ptr=pedersen_ptr}(1, 2); return (); } Number of steps: 11

    In terms of security, you want a hash function to have the following properties (taken from here and can read more here):

    • preimage resistance: Given h, it should be hard to find any value x with h = H(x).
    • second preimage resistance: Given x1, it should be hard to find x2 != x1 with H(x1) = H(x2).
    • collision resistance: It should be hard to find two values x1 != x2 with H(x1) = H(x2)

    For instance, MD5 has been proven to have hash collisions as described here.

    ctrlc03

    answered

    5 months ago

    0

    Thanks for the great detailed answer Lord, So I would assume that all the listed (kekcak, Pederden, Poseidon, sha256) are preimage resistance, second preimage resistance and collision resistance. Pederden and Poseidon seem to be great choices here.

    trangnv

    answered

    5 months ago

    Your answer

    NEWTON

    NEWTON