Hash functions are not known to be quantum vulnerable (i.e., there’s no known quantum algorithm that provides an exponential speedup, best you can do is to use Grover’s algorithm to slightly speed up the brute force search). So maybe never.
They’re one way functions. Encryption requires decryption, so you cannot lose information.
Hash functions are meant to lose information. They cannot be reversed. What they’re good at is verification; do you have the right password? Do you have a proof that this is your message and not someone else’s?
We already use hash functions where they make sense, but the parent is not entirely right; not all hashes and signatures are equals. Some are very quantum susceptible. Those will likely be broken real soon (think years, not decades). Some are quantum resistant.
Hash functions are not known to be quantum vulnerable (i.e., there’s no known quantum algorithm that provides an exponential speedup, best you can do is to use Grover’s algorithm to slightly speed up the brute force search). So maybe never.
So why don’t we use these functions for regular encryption? Or do we?
They’re one way functions. Encryption requires decryption, so you cannot lose information.
Hash functions are meant to lose information. They cannot be reversed. What they’re good at is verification; do you have the right password? Do you have a proof that this is your message and not someone else’s?
We already use hash functions where they make sense, but the parent is not entirely right; not all hashes and signatures are equals. Some are very quantum susceptible. Those will likely be broken real soon (think years, not decades). Some are quantum resistant.
Thanks for the explanation!