Section 8.72 Hashing Flashcards
Objectives 1.4 Explain the importance of using appropriate cryptographic solutions. Objectives 2.3 Explain various types of vulnerabilities. Objectives 2.4 Given a scenario, you must be able to analyse indicators of malicious activity.
Hashing
One-way cryptographic function that takes an input and produces a unique message digest as its output
Hash Digest
■ Like a digital fingerprint for the original data
■ Always of the same length regardless of the input’s length
Common Hashing Algorithms
SHA (Secure Hash Algorithm) Family
● SHA-1
○ Produces a 160-bit hash digest, less prone to collisions than MD5
● SHA-2
○ Offers longer hash digests (SHA-224, SHA-256, SHA-348, SHA-512)
● SHA-3
○ Uses 224-bit to 512-bit hash digests, more secure, 120 rounds of computations
Common Hashing Algorithms
MD5 (Message Digest Algorithm 5)
● Creates a 128-bit hash value
● Limited unique values, leading to collisions
● Not recommended for security-critical applications due to vulnerabilities
Most popular over the last few decades
Common Hashing Algorithms
RIPEMD (RACE Integrity Primitive Evaluation Message Digest)
Versions available
○ 160-bit (Most common)
○ 256-bit
○ 320-bit
● Open-source competitor to SHA but less popular
Common Hashing Algorithms
HMAC (Hash-based Message Authentication Code)
● Checks message integrity and authenticity
● Utilises other hashing algorithms (e.g., HMAC-MD5, HMAC-SHA1,
HMAC-SHA256)
Digital Signatures
Created by hasing a file and then taking the resulting hash digest and encrypting it with a private key
■ Recipient decrypts the digital signature using the sender’s public key
■ Verifies integrity of the message and ensures non-repudiation
Common Digital Signature Algorithms
DSA (Digital Security Algorithm)
Utilised for digital signatures
● Uses a 160-bit message digest created by DSS (Digital Security Standard)
Governmetn uses this
Common Digital Signature Algorithms
RSA (Rivest-Shamir-Adleman)
● Supports digital signatures, encryption, and key distribution
● Widely used in various applications, including code signing
○ Hashes change drastically even with minor changes in input
○ Hashing is used to verify data integrity and detect any changes
Commercial use