Hash functions and integrity

Question

consider the following situation:

1. I have a string s and hash function H generating the hash "h".
2. I send both s and h to another.
3. he sends back s and h back to me.
4. On the s and h received , I perform h'=H(s) and compare it with the h received , if they are identical that means the s i received on step 3 is exactly as i sent in step 2.

Is that correct?

If someone has h and s but does not has the H hash function, can he discover(or create) the H function?

thanks

Answer 1

1. Yes, if the hash is the same, both strings are the same, with the possible exception of a hash collision.

2. In general case it's not possible to reverse-engineer the hash function from the string and its hash value. Obviously, if the hash function is something common (SHA1), it's trivial for the “attacker” to try different standard hashing algorithms and see which one was used. But this can be fixed by hashing s together with some secret.