Hashing Flashcards
Hash
A one-way cryptographic function which takes an input and produces a unique message digest
MD5
Message Digest 5:
Algorithm that creates a fixed-length 128-bit hash value unique to the input file
Collision
Condition that occurs when two different files create the same hash digest
SHA
Secure Hash Algorithm
SHA1
Algorithm that creates a fixed-length 160-bit hash value unique to the input file
SHA2
Family of algorithms that includes SHA-224, SHA-256, SHA-384, and SHA512
SHA3
Family of algorithms that creates hash digests between 224-bits and 512- bits
RIPEMD
RACE Integrity Primitive Evaluation Message Digest:
An open-source hash algorithm that creates a unique 160-bit, 256-bit, or 320-bit message digest for each input file
HMAC
Hash-based Message Authentication Code:
Uses a hash algorithm to create a level of assurance as to the integrity and authenticity of a given message or file
• HMAC-MD5
• HMAC-SHA1
• HMAC-SHA256
Hashing: Digital Signatures
Digital signatures prevent collisions from being used to spoof the integrity of a message
Digital signatures use either DSA, RSA, ECDSA, or SHA
Code Signing
Uses digital signatures to provide an assurance that the software code has not been modified after it was submitted by the developer
LANMAN (LM Hash)
Original version of password hashing used by Windows that uses DES and is limited to 14 characters
NT LAN Manager Hash (NTLM Hash)
Replacement for LM Hash that uses RC4 and was released with Windows NT 3.1 in 1993
NTLMv2
Replacement for NTLM Hash that uses HMAC-MD5 and is considered difficult to crack
NTLMv2 is used when you do not have a domain with Kerberos for authentication
Hashing Attacks: Pass the Hash
A technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LM hash instead of requiring the associated plaintext password
Difficult to defend against
Mimikatz:
A penetration testing tool used to automate the harvesting of hashes and conducting the Pass the Hash attack
Hashing Attacks: Birthday Attack
Technique used by an attacker to find two different messages that have the same identical hash digest
▪ 99% chance of finding a matching birthday in a 57-person group
▪ 50% chance of finding a matching birthday in a 23-person group
Collision
Occurs when two different inputs to a hash create an identical hash digest output
Increasing Hash Security: Key Stretching
A technique that is used to mitigate a weaker key by performing multiple processes
WPA, WPA2, PGP, bcrypt, and other algorithms utilize key stretching
bcrypt: Generates hashes from passwords, uses Blowfish to perform multiple rounds of hashing
Increase Hash Security: Salting
Adding random data into a one-way cryptographic hash to help protect against password cracking techniques
A “nonce” is used to prevent password reuse