Home

nonXOF

NonXOF is a term used in some cryptographic discussions to refer to primitives that produce a fixed-length output and do not provide extendable-output capabilities. It is not a standard label in formal literature; more commonly these functions are described as fixed-output hash functions, MACs, or PRFs. The term nonXOF is mainly used to contrast with XOFs, which allow outputs of arbitrary length.

The distinction between XOFs and nonXOFs lies in output length. XOFs, such as SHAKE, are sponge-based and

Examples of nonXOF constructions include fixed-output hash functions like SHA-256 and other SHA-3 variants that define

Applications and security considerations: NonXOFs are used for data integrity, digital signatures, and message authentication where

Notes: The label “nonXOF” is informal and not widely standardized. For any specific function, refer to its

can
be
squeezed
to
any
chosen
length
within
security
constraints.
NonXOFs
produce
a
predetermined
number
of
output
bits
for
each
input,
typically
defined
by
the
function’s
design,
for
example
256
bits
for
SHA-256.
a
specific
digest
length,
as
well
as
MACs
and
PRFs
built
from
these
hashes.
Legacy
hashes
such
as
MD5
are
generally
considered
insecure
and
discouraged.
By
contrast,
XOF
examples
include
SHAKE-128
and
SHAKE-256,
which
can
emit
variable-length
outputs.
a
fixed
output
length
is
sufficient.
Security
properties
of
these
functions
focus
on
preimage
resistance,
second
preimage
resistance,
and
collision
resistance.
When
a
variable-length
output
is
required,
XOFs
are
the
appropriate
choice,
but
they
require
careful
domain
separation
and
output-length
management.
official
specification
to
understand
exact
output
length,
security
properties,
and
usage
guidelines.