Question

2. After your explanation in part 1), Barney agrees to use SHA-2 for hashing. However, to save space he proposes to only use the first 128 bits to create a 128 bit hash. He argues that since 128 bit encryption keys are secure, a 128 bit hash should also be secure. Explain what kind of attack a 128 bit hash would be vulnerable to, and why.

Answer 1

Preimage attack and collision attacks.

Step-by-step explanation:

When SHA-2 hashing is used with only 128 bit hash, It usually makes the system vulnerable to attack.

Main disadvantage in case of truncated SHA is that there exist no reduction proofs to the original hash function. It implies that the truncated version is thus is very much resistant to preimage attack and collision attacks.

Collision resistant system does not always implies to collision free. If 128 bit hash is used for say any file greater than 16 bytes, then atleast two collision occurs. It can occur anytime in the beginning in starting one or two documents at any later stage. It will lead to a situation where one will not be able to write second or will ultimately overwrite the first one.