Secure digest functions
What is a hash function? Sometimes you have some idea, sometimes you don't have any idea. So, I will explain it in detail, point by point.
- It is an algorithm built on a one-way mathematical function. Anyone can compute it easily, but it is significantly harder to reverse.
- A hash function takes a message and produces a fixed-length hash value (also called a message digest, or simply a hash).
- Remember that a hash function is primarily used for comparison purposes, not for encryption.
- Hashing is also vulnerable to man-in-the-middle attacks; it does not provide security for transmitting data.
- It has three characteristics:
  - Secure: it is a one-way function (that is, non-reversible).
  - Unique: it always produces a different digest for different messages.
  - Fixed size: it produces a fixed-size digest (128 bit).
- In this example, you can see the Hash value of the ‘backtest’ message.
- Hashing lets us verify two key security objectives: data integrity and authentication.
- Several hash algorithms belong to the Secure Hash Algorithm (SHA) family: SHA-1, SHA-256, SHA-384 and SHA-512.
- Hash functions are used in many situations. Normally, they are used for passwords: before a password is stored in the database, it is converted to a digest value rather than kept as plain text (mostly using the SHA-256 hashing algorithm).
- They also provide message integrity checks, such as those accepted when accessing a secure site using a browser.
- You may be wondering how to reverse a hash function. Actually, we cannot reverse it; we can only do a comparison.
- E.g.: when you submit a username and password, the password is converted to a digest value and stored in the database. When we log in to the system, we enter the username and password, the entered password is again converted to a hash value, then we fetch the stored digest for that username and compare the two digest values. (Are they the same or not?)
- So far we have assumed that a hash digest cannot be reversed, but hackers have different ways to attack these digests. Some simple passwords can even be recovered using websites, e.g. crackstation.net.
In this example, you can see how quickly a simple password can be cracked. So pay more attention when you set a password for any account. Don't use a simple password like these.
- This website has 190GB (1.5 billion entries) of lookup tables for MD5 and SHA1 hashes.
- Cybercriminals don't use this method, but the principle is the same. Hackers try to crack hashed passwords using dictionary attacks, brute-force attacks and rainbow table attacks.
Now let us look at the Keyed-Hash Message Authentication Code. It is a message authentication code (MAC) that is calculated using a secret key and a hash function, so the output depends on both the input data and the secret key.
Using a key adds more security: hackers who don't know the key will find it very hard to work out the message.
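The difference between a plain digest and a keyed-hash MAC when a message is changed in transit, as an added example that is not part of the original article. It uses HMAC-SHA256 from Python's standard library; the key, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for this example, not from the article).
SECRET_KEY = b"constructed-shared-secret"
MESSAGE = b"pay 100 to alice"
TAMPERED = b"pay 900 to mallory"


def sha256_digest(message: bytes) -> str:
    """Plain SHA-256: anyone who can see the message can compute this."""
    return hashlib.sha256(message).hexdigest()


def hmac_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: the tag depends on both the message and the secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_plain(message: bytes, digest: str) -> bool:
    """Receiver check when only a plain digest travels with the message."""
    return hmac.compare_digest(sha256_digest(message), digest)


def verify_hmac(key: bytes, message: bytes, tag: str) -> bool:
    """Receiver check with a shared key; compare_digest is constant-time."""
    return hmac.compare_digest(hmac_tag(key, message), tag)


def simulate_tampering() -> dict:
    """Model an in-transit modification under both schemes."""
    # The sender computes an HMAC tag over the original message.
    original_tag = hmac_tag(SECRET_KEY, MESSAGE)
    # A party in the middle swaps the message. A plain digest can simply be
    # recomputed for the new message, so the receiver's check still passes.
    recomputed_digest = sha256_digest(TAMPERED)
    # Without SECRET_KEY no matching tag can be produced for the new message,
    # so the original tag no longer verifies.
    return {
        "plain_accepts_tampered": verify_plain(TAMPERED, recomputed_digest),
        "hmac_accepts_tampered": verify_hmac(SECRET_KEY, TAMPERED, original_tag),
        "hmac_accepts_original": verify_hmac(SECRET_KEY, MESSAGE, original_tag),
    }


if __name__ == "__main__":
    for name, value in simulate_tampering().items():
        print(f"{name}: {value}")
```

The receiver must hold the same secret key as the sender, and the comparison should always go through `hmac.compare_digest` rather than `==`.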