Also known as: hash, message digest, SHA
A cryptographic hash function maps input of any length to a fixed-size digest in a way that is easy to compute but practically impossible to invert, so the digest acts as a compact, tamper-evident fingerprint of the data.1
How it works
A good cryptographic hash behaves like a deterministic but unpredictable function. Flipping a single input bit changes roughly half the output bits (the avalanche effect), and the function is designed to resist three things:
- Pre-image resistance — given a digest, you cannot feasibly find an input that produces it (the function is one-way).
- Second-pre-image resistance — given one input, you cannot find a different input with the same digest.
- Collision resistance — you cannot feasibly find any two distinct inputs that hash to the same digest.
Because the output is fixed-size and the input is unbounded, collisions must exist in principle; the security claim is only that they are computationally infeasible to find. Common examples are the SHA-2 and SHA-3 families. A hash uses no key and does not hide the data, so it is not encryption — anyone can recompute it.
Relevance to SDR
Hashing is about integrity, which on the radio is usually handled by something simpler. A cyclic redundancy check protects P25/DMR frames against accidental bit errors, but a CRC is not a cryptographic hash: it is short, linear, and trivial to forge on purpose, so it detects noise, not tampering. GopherTrunk uses CRCs to validate decoded frames, and the distinction matters — a valid CRC means “probably not corrupted by the channel,” never “authenticated.” Cryptographic hashes proper show up in the key-management and authentication layers of secure systems (deriving or checking AES keys), which a scanner observes only as opaque encrypted traffic.
Sources
-
Cryptographic hash function — Wikipedia, for pre-image and collision resistance, the avalanche effect, and the integrity-not-secrecy distinction. ↩