Copy and Edit

Hash Functions 2

Description

Foundations of Computational Security Alicia Sykes (C) 2014 http://as93.net
lissy93
Mind Map by lissy93, updated more than 1 year ago
lissy93
Created by lissy93 about 11 years ago
81
0
0
1 2 3 4 5 (0)

Resource summary

Hash Functions 2
  1. Introduction
    1. One way hash functions are easy to compute, but hard to reverse
      1. Brute force can be used against simple one-way hash functions
      2. Sometimes they have no inverse at all
        1. One way hash functions are usually a lot smaller than the origional input
          1. Examples
            1. MD5
              1. MD4
                1. SHA
                  1. RIPE-MD-60
                2. Hashing
                  1. Hashing is used for hash tables data so that there is a direct relation to the data content and storage location
                    1. Instead of storing each data item in the next free memory location, it's data location is determined by a an algorithem that uses a key part of the data
                      1. We can then access that bit of data using it's key value alone
                      2. Simple hash function methods
                        1. Truncation
                          1. Take a few of the first or last characters of the key as the hash code. Works well if the characters are well distributed
                          2. Mid-square
                            1. The key is squared and the middle digits of the re sult are used as the hashed value
                            2. Folding
                              1. the key is partitioned into several parts and the su m of the parts is used to produce the hash code
                            3. One-way hash functions
                              1. Simple hash functions cause collisions - where there is more than one hash keys resulting in the same index.
                                1. For security, we need unique keys to be generated. This is known as collision-free hashing
                                  1. Needs to be easy to compute, but hard to inverse
                                  2. Passwords
                                    1. It is possible to extract authentication information from the target system
                                      1. Plain text passwords should NEVER be stored
                                        1. The same hashing function is used when the user logs in, and it is compared with the value in the database
                                          1. If the files containing the hashed is stolen, the thief has not got the passwords, just the irreversable hashes
                                            1. If the thief knows the length of password, then it is possible to crack. This can be made harder by adding a salt.
                                            2. Hash Salt
                                              1. Hash salt is additional data that is used as an additional input to a one-way hash function
                                                1. Helps defend against dictionary attacks
                                                  1. A new salt is randomly generated for each password
                                                    1. Usually the the salt and the password are concatenated and processed with a cryptographic hash function
                                                      1. The resulting output is then stored with the salt in the database
                                                        1. These are used for storing nearly all user credentials
                                                      Show full summary Hide full summary

                                                      0 comments

                                                      There are no comments, be the first and leave one below:

                                                      Want to create your own Mind Maps for free with GoConqr? Learn more.

                                                      Similar

                                                      Basic Insurance Concepts & Principles - exampdfs 01
                                                      shuiziliu
                                                      ICT Revision 2014
                                                      11RaceyG
                                                      An Gnáthrud
                                                      xlauramartinx
                                                      IB Chem Flashcards
                                                      j. stu
                                                      John Montague
                                                      David Caprani
                                                      AQA Business Unit 1
                                                      lauren_binney
                                                      AQA GCSE Physics Unit 2 Mindmap
                                                      Gabi Germain
                                                      Penson
                                                      Roslyn Penson
                                                      Celiac Disease
                                                      wedad attar
                                                      Medicina Muncii 1-200
                                                      Anastasia Cechina
                                                      Browse Library