8

I would like to know whether it is possible to determine whether a value of for example 256 bit length is a SHA-256 hash or a random, equally distributed value. Is there any research related to common hash functions? Can this property be derived from the avalanche effect?

I would like to know because I would like to include plain text hash values in a steganographic medium, where the stegosystem bases on white noise to be turned into sentences, with number of words per sentences, that have the same distribution of length as usual in this language. Encryption of the hash values is not possible, because at that point of the designed protocol, no key exchange has been performed, yet.

Thank you for all answers or questions related to this problem.

jeteon
  • 143
  • 4
Julian Bruckner
  • 83
  • 3

2 Answers2

18

A SHA-256 hash is, until broken by cryptanalysis, indistinguishable from 256 bits of random noise. The only way to defeat this is by enumerating inputs until you find a matching hash.

If there isn't much entropy in the input (e.g., it's an English word, or it's a value that repeats), it will be relatively simple for an attacker to distinguish it from random noise and possibly even determine the data that was originally hashed.

Stephen Touset
  • 11,162
  • 1
  • 39
  • 53
0

The point of a hash is that the slightest change in input has a cascading change on the resulting hash. With a hashing algorithm like SHA-256, it is designed to behave like a random oracle, which should provide a high amount of entropy, simliar to that of randomly generated numbers.

If you look at some of the applications of SHA256 today, they depend on the output values being randomly distributed.

Nik Roby
  • 166
  • 4