Cyber Currency – part 2/5 – Hashing Algorithms

HASHING ALGORITHMS

  • Hash = one way encryption
    • Uses a mathematical formula (or algorithm)
    • Maps data of variable size to a unique fixed length string
    • Outputs a string called the “hash” or “digest”
    • The same input always produces the same output
    • It cannot be reversed (cryptographic)
    • There are no collisions (no duplicates from different inputs)
  • Hashing algorithms
    • RIPEMD by RIPE consortium
    • SHA by NSA
    • LM hash by Microsoft
    • Whirlpool by Rijmen, Baretto
    • MD by Rivest
  • National Institute of Standards (NIST) publishes Federal Information Processing Standards (FIPS) that describe hashing protocols required for use by government agencies:
    • MD5 – 1992
    • SHA (Secure Hash Algorithm)
    • SHA-0 – 1993
    • SHA-1 – 1995
    • SHA-2 – 2001
    • SHA-3 – 2015
  • One way encryption (example)
    • Input data:
      U.S. Declaration of Independence (1 page of text)

      “When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature’s God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation. …”

    • Output MD5 hash string:
      6d7df30ac05417961eab16d66695904d
    • Output SHA1 hash string:
      56e0e4ca51fdab93741afbab8d3dc8288080cea4
  • One way encryption (example)
    • Input data:
      U.S. Declaration of Independence (photo image file)
      Declaration of Independence

      Declaration of Independence

    • Output MD5 hash string:
      7fbc8555e2cbf231006d09b4ebc6a5ca
    • Output SHA1 hash string:
      214ed192efc0f391b2bbb3f395dc077c06e9dc1d
  • One way encryption (example)
    • Input data:
      U.S. Constitution (15 pages of text)
    • Output MD5 hash string: 3bc091c076ebdf6e81c1da76653052d4
    • Output SHA1 hash string:
      6043fb1c79fa298a04345eb02872a59da7eb043c
  • Uses for hashes
    • Verify integrity or authenticity
    • Password verification
    • Proof of work
    • Time spent doing calculations
    • Difficult to accomplish, easy to verify
    • Deters frivolous use and tampering
    • Slow down or stop DOS attacks, spam
    • Create trust in the validity of the data
    • Present a unique identifier

Comments are closed.