Hash function resistance properties

I always forget the differences between the three main resistance properties of cryptographic hash functions, so here's a quick reference:

• Collision resistance is the difficulty involved in finding any two values that hash to the same value
• Preimage attack resistance is the difficulty involved in finding an input that yields a given hash
• Second preimage attack resistance is the difficulty involved in finding a different input that yields the same hash as a given input

The key distinction is that collision resistance lets you pick both inputs freely, while second preimage attack resistance requires you to find an alternative to a specific given input.

Second preimage resistance is particularly important for digital signatures and certificates, where an attacker might have access to a legitimate document and wants to create a malicious document with the same hash.