[Ethereum] Which cryptographic hash function does Ethereum use


Many sources refer to the use of the "SHA3" cryptographic hash function within Ethereum, but the Ethereum project began before the SHA3 standard was finalised, and there was some confusion/controversy around the final parameters selected for the standard. Which function specifically did Ethereum actually end up with? Is it the same as the actual SHA3 standard, or one of the variants within the standard? Or is it a parameterisation of Keccak that doesn't match any of the variants?

Best Answer

Ethereum uses KECCAK-256. It should be noted that it does not follow the FIPS-202 based standard (a.k.a SHA-3), which was finalized in August 2015.

According to this, NIST changed the padding to SHA3-256(M) = KECCAK [512] (M || 01, 256). This was different from the padding proposed by the Keccak team in The Keccak SHA-3 submission version 3 (final, winning version). The difference is the additional '01' bits appended to the message. People are now calling the "submitted version 3" SHA-3 Keccak hashing "Keccak" and the finalized NIST SHA-3 standard "SHA-3".

Using this online generator and the Solidity Online Compiler, I tested the difference between Keccak-256 and SHA3-256. I hashed the word testing using Ethereum and the 2 SHA3 hashing algorithms:

Ethereum SHA3 function in Solidity = 5f16f4c7f149ac4f9510d9cf8cf384038ad348b3bcdc01915f95de12df9d1b02

Keccak-256 = 5f16f4c7f149ac4f9510d9cf8cf384038ad348b3bcdc01915f95de12df9d1b02

SHA3-256 (NIST Standard) = 7f5979fb78f082e8b1c676635db8795c4ac6faba03525fb708cb5fd68fd40c5e