What is Hashing in Cyber Security?
How often does it happen that you download a file, and after waiting for the download to be completed successfully, you get an error that says something along the lines of, “can’t open file” or “the file might be corrupt”?
This can happen when the website, your download manager, or someone else has tampered with the file in some way.
If only there were a way to know whether the downloaded file is the same as the one on the website, the file you wanted in the first place, wouldn’t that save a lot of time and effort? Thankfully, there is!
Uses of Hashing in Cyber Security
Hashing is useful in cases where you need to verify the integrity of the downloaded data. It is an algorithm used to convert data files into a number referred to as a “Hash.”
For instance, you work for a firm and are tasked with uploading a significant security patch for the customers.
If someone tampers with the patch or it gets corrupted, it could potentially break your customers’ devices. So here, the need to maintain the integrity of the data is very high.
In such cases, two hashes would be created. One you can post on your website along with the patch, and the other would be the hash of the downloaded file.
This way, users can compare the two hash codes and see whether their file is the same as the original or has been tampered with or corrupted. This is the most basic example of using hashing.
Technically, there are hash functions that are used to create hashes.
A hash function takes arbitrary data values as keys and maps them to fixed-size values.
These values are used to index a fixed-size table called a hash table, and the values generated by the hash functions are called hash values, hash codes, or simply hashes.
There are Various Hashing Algorithms:
- MD5
Message Digest 5 (MD5) is a common hashing algorithm that creates a 128-bit hash. Hashes are usually written in hexadecimal, where each character represents 4 bits and uses the numbers 0 through 9 and the characters a through f.
- SHA
Secure Hash Algorithm (SHA) is another hashing algorithm. There are several variations of SHA, grouped into four families: SHA-0, SHA-1, SHA-2, and SHA-3.
SHA-0 is not used.
SHA-1 is an updated version that creates 160-bit hashes. It is similar to the MD5 hash, except that it creates 160-bit hashes rather than 128-bit hashes.
SHA-2 improved on SHA-1 to overcome potential weaknesses. It includes four versions. SHA-256 creates 256-bit hashes, and SHA-512 creates 512-bit hashes.
SHA-224 (224-bit hashes) and SHA-384 (384-bit hashes) create truncated versions of SHA-256 and SHA-512, respectively.
SHA-3 (previously known as Keccak) is an alternative to SHA-2.
The National Security Agency (NSA) created SHA-1 and SHA-2. SHA-3 was created outside of the NSA and was selected in a non-NSA public competition.
It can create hashes of the same sizes as SHA-2 (224 bits, 256 bits, 384 bits, and 512 bits).
- HMAC
Another method used to provide integrity is a Hash-based Message Authentication Code (HMAC). An HMAC is a fixed-length string of bits, like the output of other hashing algorithms such as MD5 and SHA-1 (known as HMAC-MD5 and HMAC-SHA1).
However, HMAC also uses a shared secret key to add some randomness to the result, and only the sender and receiver know the secret key.
- RIPEMD
RACE Integrity Primitives Evaluation Message Digest (RIPEMD) is another hash function used for integrity. It isn’t as widely used as MD5, SHA, and HMAC.
Hashing Files
Many applications calculate and compare hashes automatically, without any user intervention. For example, digital signatures use hashes within an email, and email applications automatically create and compare the hashes.
In addition, there are several applications you can use to calculate hashes manually. For example, sha1sum.exe is a free program anyone can use to create hashes of files.
A Google search on “download sha1sum” will show several locations. It runs the SHA-1 hashing algorithm against a file to create the hash.
It is worth stressing that hashes are one-way functions. In other words, you can calculate a hash on a file or a message, but you can’t use the hash to reproduce the original data.
Hashing algorithms always create a fixed-size bit string regardless of the size of the original data.
The hash doesn’t give you any clue about the size of the file, the type of the file, or anything else.
Hashing Passwords
Passwords are often stored as hashes. When a user creates a new password, the system calculates the hash of the password and then stores the hash.
When the user authenticates by entering a username and password, the system calculates the hash of the entered password and then compares it with the stored hash.
If the hashes are the same, it indicates that the user entered the correct password.
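The store-then-compare flow above, as an added example that is not part of the original article. It goes beyond the article's description by adding a per-user random salt and a deliberately slow derivation (PBKDF2-HMAC-SHA256 from Python's standard library) instead of a single fast hash; the record layout, iteration count and sample passwords are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumption: work factor for this example; tune to your hardware

def create_record(password: str) -> dict:
    """Derive a salted hash for a new password; only this record is stored."""
    salt = os.urandom(16)  # unique per user, so equal passwords yield different hashes
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": derived.hex()}

def check_password(record: dict, attempt: str) -> bool:
    """Re-derive the hash from the login attempt and compare it with the stored one."""
    derived = hashlib.pbkdf2_hmac(
        "sha256",
        attempt.encode("utf-8"),
        bytes.fromhex(record["salt"]),
        record["iterations"],  # stored per record so the work factor can be raised later
    )
    # Constant-time comparison: timing does not reveal how many characters matched.
    return hmac.compare_digest(derived.hex(), record["hash"])

def demo() -> dict:
    # Constructed sample passwords; two users pick the same one.
    first = create_record("correct horse battery staple")
    second = create_record("correct horse battery staple")
    return {
        "right_password": check_password(first, "correct horse battery staple"),
        "wrong_password": check_password(first, "Correct horse battery staple"),
        "same_password_same_hash": first["hash"] == second["hash"],
    }

if __name__ == "__main__":
    print(demo())
```

Because each record carries its own salt, a stolen table cannot be checked against one precomputed list of hashes, and identical passwords are not visible as identical rows.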
Hashing Messages
Hashing provides integrity for messages. It gives someone receiving a message assurance that the message has not been modified.
For example, the message from Leela to John is, “The price is $ nil.”
This message isn’t confidential, so there is no need to encrypt it. Therefore, this is a case focused only on hashing.
In this example, someone modified the message before it reached John. When John receives the message and the original hash, the message now reads “The price is .nil.”
Note that the message is changed in transit. However, the hash isn’t altered. A program on John’s PC calculates the MD5 hash of the received message as 564294439E1617F5628A7E3EB75643FE.
It then compares the received hash with the calculated hash:
Hash created on Leela’s PC and received by John’s PC: D9B93C99B6266ABD06C887039053F56
Hash created on John’s PC: 564294439E1617F5628A3E3EB75643FE
The hashes are different. The program on John’s PC would report the discrepancy.
John doesn’t know what caused the problem.
It might have been a malicious attacker who changed the message, or it might have been a technical problem.
Either way, John knows the received message isn’t the same as the sent message, and he shouldn’t trust it.
Using HMAC
You may have noticed a problem in the explanation of this hashed message.
If an attacker can change the message, why can’t the attacker change the hash as well?
If the hacker, i.e., Harry, changes the message to “The price comes at .nil,” he could also calculate the hash of the modified message and replace the original hash with the modified hash. Here’s the result:
Hash created on Leela’s computer: D9B93C99B6246ABD06C887039053F56
Hash created for the changed message on John’s PC: 564294439E16175628A3E3EB75643FE
The calculated hash of the changed message will be the same as the received hash. This incorrectly indicates that the message maintained integrity. HMAC solves this problem.
With HMAC, both Leela and Bart’s PCs would know the same secret key and use it to create an HMAC-MD5 hash rather than just an MD5 hash.
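The Leela, John and Harry exchange described above, as an added example that is not part of the original article. It uses SHA-256 and HMAC-SHA256 from Python's standard library in place of the article's MD5 and HMAC-MD5; the key values are constructed, and the message strings are the ones quoted in the article.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # assumption: known only to sender and receiver

def plain_hash(message: bytes) -> str:
    """Unkeyed digest: anyone who can read the message can recompute it."""
    return hashlib.sha256(message).hexdigest()

def hmac_tag(key: bytes, message: bytes) -> str:
    """Keyed digest: producing a valid tag requires the shared secret."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def accept_plain(message: bytes, received: str) -> bool:
    return hmac.compare_digest(plain_hash(message), received)

def accept_hmac(key: bytes, message: bytes, received: str) -> bool:
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(hmac_tag(key, message), received)

def run_scenario() -> dict:
    original = "The price is $ nil.".encode()
    altered = "The price comes at .nil".encode()
    return {
        # Message altered in transit, Leela's hash left alone: detected.
        "altered_msg_original_hash": accept_plain(altered, plain_hash(original)),
        # Harry swaps in a hash of his altered message: wrongly accepted.
        "altered_msg_replaced_hash": accept_plain(altered, plain_hash(altered)),
        # Harry lacks the key, so a tag made with any other key is rejected.
        "altered_msg_forged_hmac": accept_hmac(
            SHARED_KEY, altered, hmac_tag(b"not-the-shared-key", altered)),
        # Leela's untouched message and tag verify normally.
        "original_msg_valid_hmac": accept_hmac(
            SHARED_KEY, original, hmac_tag(SHARED_KEY, original)),
    }

if __name__ == "__main__":
    for case, accepted in run_scenario().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```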
The Bottom Line
Hashing is a significant part of cybersecurity. It is essentially a one-way function that uses an input or text string to generate a unique message digest. Only authorized parties can access the encoded message.
Despite that, breaches can still occur, which is why maintaining cyber security around hashing is important.
Presently, there are various cybersecurity certificate programs offered by institutes that provide relevant information regarding hashing. Enrolling in such courses can benefit you significantly with the wide range of opportunities in cyber security.