Kopieren und bearbeiten

Hash Functions 2

Beschreibung

Foundations of Computational Security Alicia Sykes (C) 2014 http://as93.net
lissy93
Mindmap von lissy93, aktualisiert more than 1 year ago
lissy93
Erstellt von lissy93 vor etwa 11 Jahre
82
0
0
1 2 3 4 5 (0)

Zusammenfassung der Ressource

Hash Functions 2
  1. Introduction
    1. One way hash functions are easy to compute, but hard to reverse
      1. Brute force can be used against simple one-way hash functions
      2. Sometimes they have no inverse at all
        1. One way hash functions are usually a lot smaller than the origional input
          1. Examples
            1. MD5
              1. MD4
                1. SHA
                  1. RIPE-MD-60
                2. Hashing
                  1. Hashing is used for hash tables data so that there is a direct relation to the data content and storage location
                    1. Instead of storing each data item in the next free memory location, it's data location is determined by a an algorithem that uses a key part of the data
                      1. We can then access that bit of data using it's key value alone
                      2. Simple hash function methods
                        1. Truncation
                          1. Take a few of the first or last characters of the key as the hash code. Works well if the characters are well distributed
                          2. Mid-square
                            1. The key is squared and the middle digits of the re sult are used as the hashed value
                            2. Folding
                              1. the key is partitioned into several parts and the su m of the parts is used to produce the hash code
                            3. One-way hash functions
                              1. Simple hash functions cause collisions - where there is more than one hash keys resulting in the same index.
                                1. For security, we need unique keys to be generated. This is known as collision-free hashing
                                  1. Needs to be easy to compute, but hard to inverse
                                  2. Passwords
                                    1. It is possible to extract authentication information from the target system
                                      1. Plain text passwords should NEVER be stored
                                        1. The same hashing function is used when the user logs in, and it is compared with the value in the database
                                          1. If the files containing the hashed is stolen, the thief has not got the passwords, just the irreversable hashes
                                            1. If the thief knows the length of password, then it is possible to crack. This can be made harder by adding a salt.
                                            2. Hash Salt
                                              1. Hash salt is additional data that is used as an additional input to a one-way hash function
                                                1. Helps defend against dictionary attacks
                                                  1. A new salt is randomly generated for each password
                                                    1. Usually the the salt and the password are concatenated and processed with a cryptographic hash function
                                                      1. The resulting output is then stored with the salt in the database
                                                        1. These are used for storing nearly all user credentials
                                                      Zusammenfassung anzeigen Zusammenfassung ausblenden

                                                      0 Kommentare

                                                      There are no comments, be the first and leave one below:

                                                      Möchten Sie kostenlos Ihre eigenen Mindmaps mit GoConqr erstellen? Mehr erfahren.

                                                      ähnlicher Inhalt

                                                      La demande - Phrases - Chapitre 2
                                                      Gaelle Bourgeois
                                                      Epochen und Literaturströmungen für das Abitur 2015
                                                      barbara91
                                                      A2 Konjunktiv Präteritum (hätte / wäre)
                                                      Anna Kania
                                                      GPSY ALPS
                                                      Malte Ni
                                                      Φαρμακολογια 1 Β
                                                      Lampros Dimakopoulos
                                                      Grundzüge soziologischer Theorien
                                                      Salome Jeong
                                                      PR / WS17 18
                                                      publizistik - bakk ..
                                                      Forschungs- und Anwendungsfelder der Soziologie Teil 2
                                                      stelly Welly
                                                      Vetie-Innere 2014
                                                      Ju Pi
                                                      Chirurgie Kl. Wdk Vetie
                                                      Anne Käfer
                                                      Bibliothek durchsuchen