Cyber Security For Beginners: Part 5

Arjun Suresh
Published in CyberSec 101
6 min read, Sep 18, 2020

Hello and welcome back to our Cyber Security For Beginners blog series. In this, part 4 of the series, we are gonna talk about hashing. If you have been reading our blog series, then you should know that hashing deals with ensuring data integrity, the second principle of our CIA triad. In the last 2 blogs, we talked about encryption. You must have understood by now that encryption only deals with the security/privacy of the data. So, even if we encrypt our data with a strong encryption algorithm like AES, it only ensures the confidentiality of the data. If the data somehow gets altered during transmission, encryption won’t detect that change. Hashing is the process we use for this purpose. It verifies that the data is unaltered during transit and while in storage.

Ok, so let’s try to understand this whole hashing process.

Hashing

Hashing might feel similar to encryption in that we use various algorithms and techniques to protect our data. But while in encryption we are trying to protect our data from being accessed by unwanted people, hashing ensures that the data does not get altered. The process involves passing the data through a hash algorithm to produce a hash, also called a hash digest, which is a long string of alphanumeric characters. A given piece of data has one hash that identifies it. This implies that if the data gets altered, the hash generated by the altered data would be different from that of the original data. This is how we can detect if the data has been altered or not. Hashing takes input data of variable length and produces a fixed-length hash value.
The algorithm through which the data is passed to generate its hash digest is commonly known as a hash function. A major difference between hashing and encryption is that hashing is a non-reversible process while encryption is reversible. This is a very important point to remember. It is not possible to retrieve the original data from its hash digest. But we can compare the hash digest with a new hash generated from the data. If both hashes are the same, the data has not been altered; if they differ, it has been altered. Below is a table showing the major differences between hashing and encryption:

Hashing v/s Encryption
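The integrity check described above, as an added example that is not part of the original post: a digest is recorded for the original data, then recomputed later and compared. The sample messages and function names are constructed for illustration, and SHA-256 is chosen here as the hash function.

```python
import hashlib
import hmac
import io

# Constructed sample data: an original message and an altered copy.
ORIGINAL = b"Transfer 100 USD to account 12345"
TAMPERED = b"Transfer 900 USD to account 12345"


def sha256_stream(stream, chunk_size: int = 65536) -> str:
    """Hash input of any length in chunks; the digest is always 256 bits."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def is_unaltered(stream, expected_hex: str) -> bool:
    """Recompute the digest and compare it with the one recorded earlier."""
    return hmac.compare_digest(sha256_stream(stream), expected_hex.lower())


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Count how many digest bits differ between two hashes."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def demo() -> dict:
    recorded = sha256_stream(io.BytesIO(ORIGINAL))
    altered = sha256_stream(io.BytesIO(TAMPERED))
    return {
        "intact": is_unaltered(io.BytesIO(ORIGINAL), recorded),
        "tampered": is_unaltered(io.BytesIO(TAMPERED), recorded),
        "bits_changed": differing_bits(recorded, altered),
        # Inputs of 0, 1 and 100000 bytes all give a 64-hex-character digest.
        "digest_lengths": {len(sha256_stream(io.BytesIO(b"x" * n)))
                           for n in (0, 1, 100000)},
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

The comparison is only meaningful if the recorded digest is kept where whoever can alter the data cannot also replace the digest.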

Now, where is hashing usually employed in our day-to-day life?

Hashing is primarily employed for storing passwords in databases of servers and other web applications. You might have heard about this when reading about best security practices that should be adopted by a web application that deals with login credentials. Instead of saving the users’ passwords in clear text, the password hash is stored in the database. The application might also add a random data value to the password to make it more secure. This random piece of data is called a salt, and the process of adding the salt to the original data is called salting. So, when a user logs in using his username and password, a hash of the entered password is generated and compared with the hash stored in the database. If the hashes are equal, then the password is correct and the user successfully logs in. This method provides much more security to the data stored by a web service in the unfortunate event of a data breach. Even if the perpetrators are able to leak the database, it would be difficult for them to find the clear text passwords from the hashes, as hashing is an irreversible process. But never assume that it is impossible to find the clear text data from its hash. If you research online, you can find several methods that hackers employ to obtain clear text data from its hash. The normal workflow used by them would be:
1. The attacker would have a list of hashes of the most common passwords used by people. These lists are called rainbow tables.
2. The hacker would compare the hash he wishes to crack with the hashes in the database.
3. If a hit occurs, then the clear text password is the one on which the hit happened in the rainbow table.
Do read more about these topics if you are interested in password cracking.
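The storage and login check described above, as an added example that is not part of the original post: it sets an unsalted fast hash beside a salted, slow one and shows why a precomputed hash-to-password table of the kind listed above only works against the first. The password list, user names, function names, the choice of PBKDF2 and the iteration count are assumptions made for this example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample data: a tiny list of common passwords, for illustration only.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]
ITERATIONS = 600_000  # assumed PBKDF2 work factor for this example


def unsalted_hash(password: str) -> str:
    """Weak scheme: one fast hash, no salt. Equal passwords give equal hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


def precomputed_table(words) -> dict:
    """Hash -> password lookup, built once and reusable against any unsalted store."""
    return {unsalted_hash(w): w for w in words}


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Salted scheme: random per-user salt fed into a deliberately slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], stored)


def demo() -> dict:
    table = precomputed_table(COMMON_PASSWORDS)
    users = ("alice", "bob")  # hypothetical users sharing one weak password
    unsalted_db = {u: unsalted_hash("letmein") for u in users}
    salted_db = {u: hash_password("letmein") for u in users}
    return {
        "unsalted_hits": {u: table.get(h) for u, h in unsalted_db.items()},
        "salted_hits": {u: table.get(d.hex()) for u, (_, d) in salted_db.items()},
        "salted_digests_differ": salted_db["alice"][1] != salted_db["bob"][1],
        "good_login": verify_password("letmein", *salted_db["alice"]),
        "bad_login": verify_password("letmeout", *salted_db["alice"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

The salt is stored next to the digest for each user; it does not need to be secret, it only has to be different per user so that one precomputed table cannot cover the whole database.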

Password Hashing

Hashing is also used in digital signature systems. It is combined with cryptography to produce uniquely identifiable data, which can be transmitted to its respective recipients. The digital signature process will be covered in a separate blog as it is beyond the scope of this particular one. Don’t worry if the image below describing digital signatures confuses you. We will explain it in detail later in the series.

Digital signatures

Ok, so now that we have understood what hashing is and how it is used in our everyday lives, let’s go over some hashing algorithms that we generally use.

MD5: Message Digest algorithm 5
MD5 is one of the commonly used algorithms today. It produces a 128-bit hash digest from its input data. Although MD5 was developed as a secure hashing algorithm, multiple weaknesses have been found in it. A weakness of a hashing algorithm generally refers to the property by which two separate pieces of data produce the same hash value, known as a collision. Such collisions have been found in MD5. Hence, it is insecure.

SHA-1: Secure Hash Algorithm
The SHA-1 algorithm produces a hash digest of 160 bits. It was designed by the United States National Security Agency, or NSA, in early 1993. Unfortunately, this particular algorithm has suffered the same fate as MD5 in that it is vulnerable to hash collisions.

SHA-2: Secure Hash Algorithm 2
This is also a set of hash algorithms developed by the NSA. They produce hash digests of 224, 256, 384 or 512 bits. To date, this is the most secure algorithm among the ones that we have discussed so far. In fact, the US Government mandates that certain sensitive information use this hash function in its various agencies.

NTLM: NT-Lan Manager
This is a hashing algorithm used by Windows NTLM. In these systems, it is generally used to hash Windows passwords and store them in the system. The hash digest is 128 bits long.
