Hashing Flashcards

1
Q

What is hashing?

A

The process of taking an input of variable length and mapping it to a fixed-size output value. The outputs of these functions are referred to as hashes.

2
Q

Where might hashing be used?

A

In hash maps or hash tables which are a type of data structure used in programming that use hashing algorithms to organise data

Used to generate checksums, which are used to identify errors when transmitting or storing data

In cryptographic hash functions, for generating digital signatures, securely storing passwords or fingerprinting files

To identify potentially malicious files

3
Q

How can cryptographic hashing be used to identify potentially malicious files?

A

Attackers can easily change the name of a file to successfully distribute the same malware using different file names. Hashes can be generated based on the content of a file and security experts can compare these hashes with other samples using services such as VirusTotal

4
Q

What makes a cryptographic hash function?

A
  • It consistently gives the same output for a given input (it’s deterministic)
  • It’s relatively quick to compute the hash of a given input
  • Different inputs should produce different outputs so there are no collisions
  • Making a small change to input should produce a significant change to output (avalanche effect)
  • It should be practically impossible to reverse the output to get the input, or produce an input that gives a known output
5
Q

List some commonly used hashing algorithms

A
  • MD5 (Message Digest 5)
  • SHA-1 (Secure Hash Algorithm 1)
  • SHA-256
  • CRC-16 and CRC-32 (Cyclic Redundancy Check, CRC)
6
Q

What is MD5?

A

MD5 (Message Digest 5) was designed in 1991 by Ronald Rivest and was originally intended to be used as a cryptographic hash function, but it has since been found to suffer from many vulnerabilities, so it is now more commonly used to generate checksums and verify data

7
Q

What is SHA-1?

A

SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input and produces a 40-character hexadecimal number. It is used less frequently now due to the risk of collisions

8
Q

What is SHA-256?

A

SHA-256 (Secure Hash Algorithm 256) is one of six hashing functions which form part of the Secure Hash Algorithm 2 (SHA-2) family. It was designed by the NSA as a replacement for SHA-1. It is used by a range of protocols including TLS, SSL and PGP

9
Q

What are CRC-16 and CRC-32?

A

Cyclic Redundancy Check (CRC) is an error-detecting algorithm that is often used to identify errors which have occurred during storage and transmission.

CRC-32 is used by Ethernet and SATA-compliant devices, whereas CRC-16 is used in a range of applications such as the Bluetooth and Modbus protocols
