[luchs]

>This is the definition of a Hash Function. Not a cryptographic Hash Function.

No, a hash function is just any function which can be used to put values into a hash map. If your inputs are numbers, modulo will work fine as a hash function, but is obviously not one-way.

>Cryptographic Hashes should NEVER collide, on any inputs, ever, period.

This is obviously not possible, as the output of the cryptographic hash function is of fixed-length while the input is variable-length. Finding collision just needs to be hard, not impossible.

[arjie]

How is modulo invertible in the general case? If it is, can you demonstrate? I have picked certain numbers and their values modulo 10 are 6, 7, and 8. What numbers did I pick?

[chias]

It doesn't have to be. Onewayness says nothing about finding "the original x". If a function is one-way, it means that given y (a random n-bit string in the output space of h), it is hard to find any x such that h(x) = y. If your h() is just a modulo operation, this is trivial: just choose x = y.

[kbenson]

Ah, I see, way as in path, not way as in direction (which is I think the misinterpretation that leads people to the root of the misunderstanding). So, there's one path to get from x -> y, but it does not imply you can't get back to the original x. In that respect, "way" is an unfortunate word to use, at least as it's used in modern English.

[arjie]

Woah, I was completely wrong. You're right. A pseudo-inverse is sufficient. However, there are no functions known to be one-way. How interesting.

[AstralStorm]

You can demonstrate that a number input into modulo belongs to a specific group. Even not knowing the specific value of modulus you can drive it by observing statistical properties of the output. (which is why modulo hashing gives many collisions)

[valarauca1]

      modulo will work fine as a hash function, but is obviously not one-way.

Modulo is a one way trap door operation.

Proof via arrogance:

       X % 100 = 50 
       Solve for X 
       Solution X = F(n) where F(n) = 100*n+50 (for all n > 1)

This does indeed meet the requirements of a hash functions. Modulu is a bad hash function because it is poorly distributed.

      Cryptographic Hashes should NEVER collide, on any inputs, ever, period.
      >This is obviously not possible

NIPS says if you observe 2 inputs of a cryptographic hash which compute to the same digest the hash is considered depreciated. So yes my definition is correct.

Obviously yes all cryptographic hashes aren't unique for every input. As they maybe N bytes long. And simply a logic will tell you there is more information in N bytes of data vs 64 bytes (512bits).

The real issue is, prove it. Testing even the 512bit address space will take you longer then the heat death of the universe, so good luck!

[dgacmu]

No - per the definition of a trapdoor function: "For any k ∈ K, without trapdoor tk, for any PPT algorithm, the probability to correctly invert fk (i.e., given fk(x), find a pre-image x' such that fk(x' ) = fk(x)) is negligible"

https://en.wikipedia.org/wiki/Trapdoor_function

Note that the definition is about a pre-image, not necessarily the input used to create it in the first place.

Second, that definition is absolutely not correct. "Never" would require that the size of the output of the hash function be equivalent to the size of the universe of possible inputs, which it obviously isn't. There's a very important difference between "never be observed in practice" and "never, period." You're not using the language precisely, and that's very dangerous when talking about hashing and cryptography.

[AstralStorm]

Pre-image is even simpler. A good cryptographic hash also prevents second pre-image attack e.g. pre-image based on multiple hashes.

None of those properties is needed for indexing into hash table. Good collision resistance is all that is required and salting for more paranoid cases.