Introduction to hash functions
Hash functions are the most commonly used mathematical functions in cryptography for implementing security. A hash function converts an input value of any arbitrary size to a fixed-size value. Thus, the input can be of any length but the output generated is always of a fixed length. The output generated is called hash values or hashes.
One more important thing to be noted is Hash Functions and Cryptography are altogether totally different from each other. Encryption is a two-way function i.e. encrypted data needs to be decrypted using a private key, thus they are reversible. Hashing or hash functions are one-way functions (i.e., hashes cannot be reversed). Thus, hashing is faster than cryptography.
The most common use of hashing is password checking. When the user enters the password, the hash of the password is generated and compared with the hash in the database. If both the hashes are the same then the user is allowed to login else the user needs to enter the password again.
Learn Applied Cryptography
Popular hash functions
Following are the widely used Hash functions:
- MD: It stands for Message Digest. It can be MD2, MD4, MD5 and MD6. MD is a 128 bit Hash function.
- SHA: It stands for Secure Hash Algorithm. It can be SHA-0, SHA-1, SHA-2 and SHA-3. SHA-224, SHA-256, SHA-384, and SHA-512 are variants of the SHA-2 family.
- RIPEMD: It stands for RACE Integrity Primitives Evaluation Message Digest. RIPEMD, RIPEMD-128, and RIPEMD-160 are widely used. 256 and 320-bit versions of this algorithm also exist.
- Whirlpool: Whirlpool is 512-bit hash function and a modified version of AES. WHIRLPOOL-0, WHIRLPOOL-T, and WHIRLPOOL are three versions of Whirlpool.
Properties of hash functions
An ideal hash function is desired to possess the following properties to be effective from various attacks from attackers. They are as follows:
- Pre-Image Resistance
- Pre-Image Resistance means that the hash function could not be reversed.
- In simple words, if any hash function “a” produces a hash value “c”, then it should be very difficult to find any input value “b” that hashes to “c”.
- This property makes it impossible for an attacker who has a hash value and is trying to find the input.
- Second Pre-Image Resistance
- Second Pre-Image Resistance means for any input and its hash value, it should be very difficult to find a different input generating the same hash.
- In simple words, if any hash function for an input “a” produces a hash value h(a), then it should be hard to find any other input value “b” such that h(b) = h(a).
- Collision Resistance
- Collision Resistance means it should be very difficult to find two different inputs of any length which produces the same hash. This property is also known as collision-free hash function. This property prevents a widely known attack called hash collision attack.
- In simple words, for a given hash function h, it is very difficult to find any two inputs x and y so h(x) = h(y).
- This collision-free property confirms that these collisions should be hard to find for a given hash function.
- Also, it is this property that makes it hard for an attacker to find two input values generating the same hash.
Hash functions application
Following are the fields where the Hash function is widely used:
- Cryptocurrency
- Password verification for authentication
- Data and file integrity check
- Digital signature
Learn Applied Cryptography
Sources
- https://www.geeksforgeeks.org/what-are-hash-functions-and-how-to-choose-a-good-hash-function/
- https://www.tutorialspoint.com/cryptography/cryptography_hash_functions.htm
- https://www.includehelp.com/cryptography/applications-of-hash-function.aspx
- https://www.investopedia.com/news/cryptographic-hash-functions/
Learn applied cryptography and cryptanalysis
What you'll learn:
- Cryptography fundamentals
- Public key infrastructure
- Blockchain technology
- SSL and TLS
- And more
In this Series
- Introduction to hash functions
- How does hashing work: Examples and video walkthrough
- How does encryption work? Examples and video walkthrough
- Planning for post-quantum cryptography: Impact, challenges and next steps
- Beginner’s guide to the basics of data encryption
- Structures of cryptography
- Role of digital signatures in asymmetric cryptography
- What is homomorphic encryption?
- Encryption and etcd: The key to securing Kubernetes
- Quantum cyberattacks: Preparing your organization for the unknown
- An Introduction to asymmetric vs symmetric cryptography
- Breaking misused stream ciphers
- Entropy calculations
- Blockchain and asymmetric cryptography
- Security of the PKI ecosystem
- Elliptic curve cryptography
- Methods for attacking full disk encryption
- Introduction to Public Key Infrastructure (PKI)
- Introduction to the TLS/SSL cryptography protocol
- Introduction to Diffie-Hellman Key Exchange
- Introduction to the Rivest-Shamir-Adleman (RSA) encryption algorithm
- Introduction to full disk encryption
- 8 reasons you may not want to use VPNs
- Rivest Cipher 4 (RC4)
- Understanding stream ciphers in cryptography
- Cryptography Errors
- Understanding block ciphers in cryptography
- How to mitigate Credential Management Vulnerabilities
- How To Exploit Credential Management Vulnerabilities
- Poor Credential Management
- How Is Cryptography Used In Applications?
- Decrypting Downloaded Files
- Introduction to Asymmetric Cryptography
- The Advanced Encryption Standard (AES)
- Fundamentals of symmetric and asymmetric cryptography
- Case Studies in Poor Password Management
- The ultimate guide to encryption key management
- Principles of cryptography
- Encryption vs Encoding
- Introduction to Cryptanalysis
- Secure Credential Management
- Introduction to Blockchain
- Blockchain Technology
- Virtual Private Networks (VPNs)
- Public Key Infrastructure: Architecture & Security
- Hash Functions
- Asymmetric Cryptography
- Fundamentals of Cryptography
- Symmetric Cryptography
- Introduction to cryptography
- Best tools to perform steganography [updated 2020]
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
