From Wikipedia, the free encyclopedia
(Redirected from RIPEMD-128)
DesignersHans Dobbertin, Antoon Bosselaers and Bart Preneel
First published1992
CertificationRIPEMD-160: CRYPTREC (Monitored)
Digest sizes128, 160, 256, 320 bits
A sub-block from the compression function of the RIPEMD-160 hash algorithm

RIPEMD (RIPE Message Digest) is a family of cryptographic hash functions developed in 1992 (the original RIPEMD) and 1996 (other variants). There are five functions in the family: RIPEMD, RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320, of which RIPEMD-160 is the most common.

The original RIPEMD, as well as RIPEMD-128, is not considered secure because 128-bit result is too small and also (for the original RIPEMD) because of design weaknesses. The 256- and 320-bit versions of RIPEMD provide the same level of security as RIPEMD-128 and RIPEMD-160, respectively; they are designed for applications where the security level is sufficient but longer hash result is necessary.

While RIPEMD functions are less popular than SHA-1 and SHA-2, they are used, among others, in Bitcoin and other cryptocurrencies based on Bitcoin.


The original RIPEMD function was designed in the framework of the EU project RIPE (RACE Integrity Primitives Evaluation) in 1992.[1][2] Its design was based on the MD4 hash function. In 1996, in response to security weaknesses found in the original RIPEMD,[3] Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven in Leuven, Belgium published four strengthened variants: RIPEMD-128, RIPEMD-160, RIPEMD-256, and RIPEMD-320.[4]

In August 2004, a collision was reported for the original RIPEMD.[5] This does not apply to RIPEMD-160.[6]

RIPEMD-160 hashes[edit]

The 160-bit RIPEMD-160 hashes (also termed RIPE message digests) are typically represented as 40-digit hexadecimal numbers. The following demonstrates a 43-byte ASCII input and the corresponding RIPEMD-160 hash:

 RIPEMD-160("The quick brown fox jumps over the lazy dog") =

RIPEMD-160 behaves with the desired avalanche effect of cryptographic hash functions (small changes, e.g. changing d to c, result in a completely different hash):

 RIPEMD-160("The quick brown fox jumps over the lazy cog") =

The hash of a zero-length string is:

 RIPEMD-160("") =


Below is a list of cryptography libraries that support RIPEMD (specifically RIPEMD-160):

See also[edit]


  1. ^ Dobbertin, Hans; Bosselaers, Antoon; Preneel, Bart (21–23 February 1996). RIPEMD-160: A strengthened version of RIPEMD (PDF). Fast Software Encryption. Third International Workshop. Cambridge, UK. pp. 71–82. doi:10.1007/3-540-60865-6_44.
  2. ^ Bosselaers, Antoon; Preneel, Bart (1995). Bosselaers, Antoon; Preneel, Bart (eds.). Integrity Primitives for Secure Information Systems. Final Report of RACE Integrity Primitives Evaluation (RIPE-RACE 1040). Lecture Notes in Computer Science. Vol. 1007. doi:10.1007/3-540-60640-8. ISBN 978-3-540-60640-6. S2CID 12895857.
  3. ^ Dobbertin, Hans (December 1997). "RIPEMD with two-round compress function is not collision-free". Journal of Cryptology. 10 (1): 51–69. doi:10.1007/s001459900019. S2CID 15662054.
  4. ^ Bosselaers, Antoon. "The hash function RIPEMD-160".
  5. ^ Wang, Xiaoyun; Feng, Dengguo; Lai, Xuejia; Yu, Hongbo (2004-08-17). "Collisions Hash Functions MD4 MD5 RIPEMD HAVAL". Cryptology ePrint Archive. Retrieved 2017-03-03.
  6. ^ Mendel, Florian; Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). On the Collision Resistance of RIPEMD-160. Lecture Notes in Computer Science. Vol. 4176. pp. 101–116. doi:10.1007/11836810_8. ISBN 978-3-540-38341-3. Retrieved 2017-03-03.

External links[edit]