In the early 1990's, RACE began the RIPE (RACE Integrity Primitives Evaluation) project, which essentially set out to design some cryptographic algorithms (see also NESSIE, AES) for authentication. Among other things, RIPE wanted a good hash function, so Antoon Bosselaers and Bart Preneel invented RIPEMD, a hash function that produced 128 bit outputs.

However, within a few years, Hans Dobbertin discovered some attacks on RIPEMD which cast doubts on it's security, so in 1996 a paper entitled "RIPEMD-160, a strengthened version of RIPEMD" was published in Fast Software Encryption 1996. At about this same time Dr. Dobbertin used similar techniques to quite successfully attack both MD4 and MD5.

As the name might suggest, RIPEMD-160 produces a 160 bit output. It's internal structure is quite similar to it's predecessors (SHA-1, MD5, MD4) but the design attempts to take all known analysis of those hash functions into account. For example, RIPEMD-160 is internally two different (though closely related) hash functions, and the output is a combination of the two. Thus you (probably) have to break both hashes to break RIPEMD-160.

At the same time, the inventors also published another hash, RIPEMD-128, intended as a drop in replacement for MD4 and MD5.

RIPEMD-160 is among the most trusted and widely used hash functions, because:

  • It's been around for several years
  • Nobody has found any attacks
  • It was designed by people who know what they're doing

RIPEMD-160 is unfortunately quite slow, but then again more recent hash functions like SHA-256, SHA-512, and Whirlpool, are slower still. It is an interesting observation that block ciphers seem to get faster over time, while hash functions get slower.

Several crypto libraries and applications use RIPEMD-160, including OpenSSL and GNU Privacy Guard.

You can find out all kinds of things about RIPEMD-160 at the RIPEMD-160 Page ( including source code, test vectors, and papers about the algorithm.

Log in or register to write something here or to contact authors.