I am looking for a hash function which will best hold up under the following scenario.
As I am intending to use it, the hashed output and algorithm will be readily available to any attacker. They must not be able to find some other string that will produce the same hash output. Also they must not be able to recover the original text.
I realize that *eventually* if they dedicate enough cpu time to it, they will succeed. That's okay. I'd like to know which function will make this absolutely as difficult as possible for them.
I'm currently leaning towards Tiger, but am not sure if it's my best option. I will award points to somebody who can:
a) identify the best algorithm for the scenario above
b) link to an open source implementation in C code
Thanks in Advance!
I recommend that you use SHA-2, it's FIPS approved: http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
SHA-1 will be fased out by the NIST by 2010, to be replaced by SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512).
So stick with SHA-2.
Most open source OS's have an implementation of SHA-2. E.g. Openbsd: http://fxr.watson.org/fxr/source/crypto/sha2.c?v=OPENBSD and http://fxr.watson.org/fxr/source/crypto/sha2.h?v=OPENBSD
J.