Cryptographic hash function
A cryptographic hash function maps input of any length to a fixed-size digest in a way that is fast to compute and infeasible to reverse. Three properties define it: preimage resistance (a digest cannot be traced back to an input), second preimage resistance (a given input cannot be matched by a second, different input), and collision resistance (no two colliding inputs can be found at all).
Standard functions
The SHA-2 family (FIPS 180-4) and the SHA-3 family (FIPS 202) are the NIST-standardized general-purpose hashes; SHA-256 and SHA-384 dominate deployed protocols.
Quantum impact
Grover's search (Grover's algorithm) gives at most a quadratic speedup, so the theoretical preimage margin of SHA-256 drops from 2^256 to about 2^128 quantum operations. Collision resistance is governed by the classical birthday bound (2^128 for SHA-256), and known quantum collision algorithms need so much memory that they offer little practical advantage. Hash functions with adequate output size are therefore treated as post-quantum safe, which is why Merkle tree constructions and hash-based signatures count among the most conservative post-quantum choices.
Sources
Cite this entry
"Cryptographic hash function." postquantum.wiki. Updated July 11, 2026. https://postquantum.wiki/hash-function@misc{pqwiki-hash-function,
title = {Cryptographic hash function},
howpublished = {\url{https://postquantum.wiki/hash-function}},
year = {2026},
note = {postquantum.wiki, updated 2026-07-11}
}