Hashing and message digest basics

Hashing is different from encryption because hashing is designed to act as one way function.  An algorithm that is easy to perform but difficult (almost impossible) to reverse.  A hash is a string of number generated from a string of text (because it can be used to look up anything related to that number, thus eliminating sorting and searching).  It basically scrambles plain text to produce a unique message digest (just some fancy words for the number).  Unlike encryption, where a key is used to both jumble words and de crypt the words back to readable format, hashing won’t allow you to decrypt the number.

Message digest is a cryptographic hash function containing a string of digits created by one way hashing formula.  The message digests are designed to protect integrity of the data, so it can be used in court and ensures the message hasn’t been altered.  Not only can message help you determine file changes, but it can also help you detect and locate duplicate files as well.

Message digests are encrypted with private keys creating a digital signature.  This is a great authentication method to ensure that appropriate user is accessing protected information.  Why is this good?  Where can you use this?  Hashing is a better option when it comes to communicating with the network where one has to communicate with a server.  Since the server needs a key to authenticate password to decrypt whatever message the user is trying to send to the server, there’s a possibility of attack.  To prevent this, hashing can be used to generate the password into unreadable format, which is stored on the server.

Let’s look at how it works.  I enter the password and the user ID on a web browser and send it to the website’s authentication server.  The server uses the user ID to look up the associated message digest, which is just bunch of gibberish.  The password submitted by me is then hashed with the same algorithm, and if the result of the matches the message digest for the user ID, stored on the server, it is then authenticated.
This is not always attack proof.  People rarely use safe passwords, so there are many tricks out there that can be used to guess the passwords.  For example, an attacker can run their own hashing algorithm and try to guess your password by using commonly used passwords to see if they can get the same message digest.  So it’s up to the users as well to ensure security by coming up with attack proof password as well as changing them every so often.
Examples of hashing are MD5, SHA, SHA-2, and so forth.
A possible wall that you come against when using hashing is collisions.  A good hashing function will tend to scatter the data values over the table as much as possible, but collisions may still occur.  There are two main approaches to dealing with collisions, which are chaining and open addressing.  But we can’t talk about these topics later down the road.

In general building a really good hash function is difficult and in most cases you need to find one that has good properties and has been well tested.

You may also like

Leave a Reply

Your email address will not be published. Required fields are marked *