Hash Functions 2

Description

Foundations of Computational Security Alicia Sykes (C) 2014 http://as93.net
lissy93
Mind Map by lissy93, updated more than 1 year ago
lissy93
Created by lissy93 almost 11 years ago
80
0

Resource summary

Hash Functions 2
  1. Introduction
    1. One way hash functions are easy to compute, but hard to reverse
      1. Brute force can be used against simple one-way hash functions
      2. Sometimes they have no inverse at all
        1. One way hash functions are usually a lot smaller than the origional input
          1. Examples
            1. MD5
              1. MD4
                1. SHA
                  1. RIPE-MD-60
                2. Hashing
                  1. Hashing is used for hash tables data so that there is a direct relation to the data content and storage location
                    1. Instead of storing each data item in the next free memory location, it's data location is determined by a an algorithem that uses a key part of the data
                      1. We can then access that bit of data using it's key value alone
                      2. Simple hash function methods
                        1. Truncation
                          1. Take a few of the first or last characters of the key as the hash code. Works well if the characters are well distributed
                          2. Mid-square
                            1. The key is squared and the middle digits of the re sult are used as the hashed value
                            2. Folding
                              1. the key is partitioned into several parts and the su m of the parts is used to produce the hash code
                            3. One-way hash functions
                              1. Simple hash functions cause collisions - where there is more than one hash keys resulting in the same index.
                                1. For security, we need unique keys to be generated. This is known as collision-free hashing
                                  1. Needs to be easy to compute, but hard to inverse
                                  2. Passwords
                                    1. It is possible to extract authentication information from the target system
                                      1. Plain text passwords should NEVER be stored
                                        1. The same hashing function is used when the user logs in, and it is compared with the value in the database
                                          1. If the files containing the hashed is stolen, the thief has not got the passwords, just the irreversable hashes
                                            1. If the thief knows the length of password, then it is possible to crack. This can be made harder by adding a salt.
                                            2. Hash Salt
                                              1. Hash salt is additional data that is used as an additional input to a one-way hash function
                                                1. Helps defend against dictionary attacks
                                                  1. A new salt is randomly generated for each password
                                                    1. Usually the the salt and the password are concatenated and processed with a cryptographic hash function
                                                      1. The resulting output is then stored with the salt in the database
                                                        1. These are used for storing nearly all user credentials
                                                      Show full summary Hide full summary

                                                      Similar

                                                      OCR Chemistry - Atoms, Bonds and Groups (Definitions)
                                                      GwynsM
                                                      Mapa Mental - Estilos de Aprendizagem
                                                      miminoma
                                                      Physics 2a + 2b
                                                      James Squibb
                                                      Italian: Basics
                                                      Selam H
                                                      Command Words
                                                      Mr Mckinlay
                                                      Chemistry Module C2: Material Choices
                                                      James McConnell
                                                      GCSE REVISION TIMETABLE
                                                      gracemiddleton
                                                      P1 quiz
                                                      I M Wilson
                                                      Types of Learning Environment
                                                      Brandon Tuyuc
                                                      2PR101 1.test - 1. část
                                                      Nikola Truong
                                                      Health and Safety at Work Act 1974 (HASWA)
                                                      Carina Storm