EndCryptor 's  hash function

A hash function's mainly usage is when a checksum of the file for digital signature is computed.  Sometimes a hash value is called a message digest.

The cryptographic hash function in encrypted messages’ signatures is the SHA3 hash competition winner Keccak. Before Keccak-256 EndCryptor used hash function constructed using a block cipher (a secure construction from crypto textbook).

The SHA3 competition was started because SHA1 was being attacked rather successfully and the SHA2 construction contained some similarities to SHA1 – it was at that time considered possible that also SHA2 would ‘collapse’.  Now SHA2 is considered secure since no attacks against it have been found. EndCryptor uses SHA2 in certificate related circumstances and in some other cases also.

EndCryptor uses Keccak in the original winning settings (bitrate is 1088 and capacity 512).

When an attachment is being sent its hash value is calculated using SHA3-256 if the receiver is known to have at least version 2.5.201 -  otherwise the hash is a Keccak-256 hash. The SHA3-256 and the Keccak-256 differ only in the padding that is appended to the end of the input. They have identical security properties.


Updated June 28, 2016.