A function that maps a bit string of arbitrary length to a fixed-length bit string. Approved hash functions satisfy the following properties:

i. (Collision resistance) It is computationally infeasible to find any two distinct inputs that map to the same output.

ii. (Preimage resistance) Given a randomly chosen target output, it is computationally infeasible to find any input that maps to that output. (This property is called the one-way property.)

iii. (Second preimage resistance) Given one input value, it is computationally infeasible to find a second (distinct) input value that maps to the same output as the first value.

This Recommendation uses the strength of the preimage resistance of a hash function as a contributing factor when determining the security strength provided by a key-derivation function.

Source: NIST SP 800-108r1 | Category: