If you don’t know what a hash function is or why we need them in crypto, let me break it down for ya:

A hash function takes an input message and outputs a fixed-size string of characters called a hash value (or simply “hash”). The idea behind this is that if the same message is fed into the algorithm twice, you’ll always get the exact same output. This makes hashing useful in various applications like data integrity checks or password storage.

Now, Blake (2s). It was introduced back in 2017 as a successor to its predecessor, Blake2b. The main difference between the two is that Blake (2s) uses a smaller state size of 512 bits compared to Blake2b’s 1024-bit state. This makes it faster and more memory-efficient for certain use cases like embedded systems or low-power devices.

But here’s where things get interesting: in November 2019, a team of researchers from the University of Bristol discovered a collision attack against Blake (2s) that could potentially break its security. A collision is when two different messages produce the same hash value. This can be used to forge digital signatures or tamper with data without being detected.

The good news is, this vulnerability only affects certain implementations of Blake (2s), specifically those using a 16-byte constant in their initialization vector. The bad news is, many popular software libraries and hardware platforms use this implementation by default. So if you’re currently using Blake (2s) for any critical applications like financial transactions or medical records, it’s time to switch to a more secure alternative.

But no need to get all worked up! There are plenty of other hash functions out there that can do the job just as well, if not better than Blake (2s). Some popular options include SHA-3, BLAKE3, and Argon2. Each has its own strengths and weaknesses depending on your specific use case, so it’s worth doing some research to find the best fit for you.

Until next time, keep your data safe and your hashes strong!