Problem: One key difference between a cryptographic hash and an encryption algorithm is that the former does not need a "key" to be used. Given a good encryption algorithm (say, AES), it is infeasible to recover the plaintext of an encryption message. So why not use something like AES with a fixed key (say, 0) as a hash algorithm?