Hash Functions 2

Description

Foundations of Computational Security Alicia Sykes (C) 2014 http://as93.net
lissy93
Mind Map by lissy93, updated more than 1 year ago
lissy93
Created by lissy93 almost 10 years ago
80
0

Resource summary

Hash Functions 2
  1. Introduction
    1. One way hash functions are easy to compute, but hard to reverse
      1. Brute force can be used against simple one-way hash functions
      2. Sometimes they have no inverse at all
        1. One way hash functions are usually a lot smaller than the origional input
          1. Examples
            1. MD5
              1. MD4
                1. SHA
                  1. RIPE-MD-60
                2. Hashing
                  1. Hashing is used for hash tables data so that there is a direct relation to the data content and storage location
                    1. Instead of storing each data item in the next free memory location, it's data location is determined by a an algorithem that uses a key part of the data
                      1. We can then access that bit of data using it's key value alone
                      2. Simple hash function methods
                        1. Truncation
                          1. Take a few of the first or last characters of the key as the hash code. Works well if the characters are well distributed
                          2. Mid-square
                            1. The key is squared and the middle digits of the re sult are used as the hashed value
                            2. Folding
                              1. the key is partitioned into several parts and the su m of the parts is used to produce the hash code
                            3. One-way hash functions
                              1. Simple hash functions cause collisions - where there is more than one hash keys resulting in the same index.
                                1. For security, we need unique keys to be generated. This is known as collision-free hashing
                                  1. Needs to be easy to compute, but hard to inverse
                                  2. Passwords
                                    1. It is possible to extract authentication information from the target system
                                      1. Plain text passwords should NEVER be stored
                                        1. The same hashing function is used when the user logs in, and it is compared with the value in the database
                                          1. If the files containing the hashed is stolen, the thief has not got the passwords, just the irreversable hashes
                                            1. If the thief knows the length of password, then it is possible to crack. This can be made harder by adding a salt.
                                            2. Hash Salt
                                              1. Hash salt is additional data that is used as an additional input to a one-way hash function
                                                1. Helps defend against dictionary attacks
                                                  1. A new salt is randomly generated for each password
                                                    1. Usually the the salt and the password are concatenated and processed with a cryptographic hash function
                                                      1. The resulting output is then stored with the salt in the database
                                                        1. These are used for storing nearly all user credentials
                                                      Show full summary Hide full summary

                                                      Similar

                                                      What were the Cause and Consequences of The Cuban Missile Crisis October 1962
                                                      matthewnr73
                                                      Computer Science
                                                      jacobhuntergoddard
                                                      Chemistry 1
                                                      kelsey.le.grange
                                                      SAT Math Sample Questions
                                                      SAT Prep Group
                                                      Plant and animal cells
                                                      charlotteireland
                                                      Restless Earth Notes
                                                      Gladys Mba
                                                      Direito ambiental
                                                      Luiz Ricardo Oliveira
                                                      GoConqr Getting Started Guide
                                                      Norman McBrien
                                                      Think Python
                                                      tsilvo2001
                                                      CCNA Security 210-260 IINS - Exam 2
                                                      Mike M
                                                      Core 1.8 Metals
                                                      T Andrews