+4 votes
316 views
in Security by (242k points)
reopened
What is a hash function?

1 Answer

+5 votes
by (1.6m points)
edited
 
Best answer

What properties does a hash function have?
What hash value is generated?
Hash function and websites
Protection of confidential data
Message signing
How does the hash function help search functions?
Hash function as a one-way process
Avoid collisions with hash values
The hash function is lightning fast

image

What is a hash function?

The exorbitant growth in the amount of information that is processed in local and global data networks pushes us to constantly look for ways to access large volumes of data more quickly and to guarantee security in the exchange. For this, among other security technologies, the hash function is particularly useful. Here we tell you its properties and its uses..

Index
  1. What properties does a hash function have?
    1. Hash function as a one-way process
    2. Avoid collisions with hash values
    3. The hash function is lightning fast
  2. What hash value is generated?
  3. Hash function and websites
  4. Protection of confidential data
  5. Message signing
  6. How does the hash function help search functions?

The English word hash means to cut . So, the hash function ? short ? the data and gives it a uniform length , regardless of the initial value. This function is also called the summary function and is used in many areas of computing, such as the following:

  • Encrypted communication between the web server and the browser, as well as the generation of session identifiers for internet applications and the intermediate storage of data (cache)
  • The protection of confidential data, such as passwords, web analysis or payment methods
  • Message signing
  • Identifying identical or similar records in search functions
Definition

Hash function : The hash function is used to make the length of originally different strings uniform. For example, with the hash function , different passwords are given a fixed number of allowed characters. However, it is not possible to convert the character string back from the hash value to the original.

image
In this example, the hash function generates hash values ​​of uniform lengths from passwords of different lengths and stores them in the database. Values ​​cannot be reversed.

What properties does a hash function have?

A hash function must meet the following requirements to have the proper properties :

Hash function as a one-way process

It should not be possible to retrieve the content of the original data from the generated hash value . Thus, in the previous example, starting with? $ P $ Hv8rpLanTSYSA / 2bP1xN.S6Mdk32.Z3 ?, it should not be possible to recover the password? Susi_562 # alone ?..

Avoid collisions with hash values

It should never happen that the same hash value is assigned to data from different sources. Each entry must generate a different hash value . If this is guaranteed, there is also talk of a cryptographic hash function . In the image above, there are no identical hash values and therefore no collisions between the generated data. There are more advanced technologies to avoid these collisions.

The hash function is lightning fast

If converting the inputs to a hash value takes a long time, this procedure would not be appropriate. Therefore, the hash function must be implemented very quickly . In databases, hashes are stored in so-called hash tables to ensure fast access..

What hash value is generated?

The hash value generated by the hash function has a fixed length , determined by the hashing technology used. The character set of the input value is irrelevant; the same number of characters is always returned . The allowed characters are defined in the hash function .

image
Hash values ​​generated with the SHA256 method consist of character strings that are always the same length, regardless of the type and number of characters entered.

Thus, the hash value is the result calculated with the hash function and a hash algorithm . The term fingerprint (fingerprint) is also used to name the hash value , since it symbolizes the uniqueness of each hash value , comparable to that of our fingerprints. Using lowercase letters from? To? to? f? and numbers 0 through 9, with a hash value length of 64 characters, up to 1,1579209e + 77 combinations can be created , which means 70 followed by 24 zeros. This shows that even the shortest strings or with more usable characters produce a functional fingerprint.

The hash values shown in the hash function example above are simply generated with a few lines of PHP code:

  <?php echo hash('sha256', 'apple'); ?>  

In this example, the code always returns the hash value or the fingerprint 3a42c503953909637f78dd8c99b3b85ddde362415585afc11901bdefe8349102 .

The hash command was assigned the sha256 encryption algorithm for the word apple .

Hash function and websites

For SSL-encrypted data transmissions, the server certificate is sent to the user's browser during the query to the web server. Then a session key with a hash function is generated and sent to the server, where it is decrypted and verified. When the server confirms the received session key, the encrypted HTTP data traffic as HTTPS begins. The data packets exchanged in the process are also encrypted, making it almost impossible to intercept data traffic.

image
In this section of the certificate of the website of the multilingual German information service Deutsche Welle, you can see, among other things, the keys with which the server establishes communication with the user's browser.

The session keys (session IDs ) are generated from variable data of the visit to a website, such as the IP address and the timestamp, and are transmitted with the URL. These session keys are required, for example, to uniquely identify the users of the shopping cart. Nowadays streaming with the URL has been deprecated (for example: www.domain.tld / index? Sid = d4ccaf2627557c756a0762419a4b6695 ). Identification in the website header as a cookie has become more common.

The temporary caching of information is also encrypted with hashes so that unauthorized users cannot draw any conclusions about the visited websites and cannot obtain access or payment data by viewing the cache.

Communication between the FTP server and the client is similar when using the SFTP protocol.

Protection of confidential data

Online account login details are often the main target of cyberattacks. Hackers want to disrupt the operation of a site, for example, to reduce revenue from traffic-based advertising or to obtain information about stored payment methods.

image
The WordPress content management system offers many security features for authenticating registered users. The displayed keys are generated with various hashing algorithms.

In the example from the WordPress page, we see that passwords are always encoded before being stored. In combination with the security keys generated in the system, a high level of security is achieved. This is especially important as a protection against so-called brute force attacks, in which the attacker uses a specially programmed hash function to try combinations until he finds one that allows access. Long passwords with high security standards make these attacks more difficult, because the computing power required to crack the password grows exponentially. Here, as always, we repeat the advice: never use simple passwords and be sure to keep your login details, whatever they are, safe from unauthorized access .

Message signing

The email traffic passes through servers specially adapted to this form of message transmission. The keys generated by the hash functions are also used to transmit data in the digital signatures of the messages.

image
The digital signature of an email is comparable to the handwritten signature of a letter: unique and unambiguous.

This is how the transmission of messages with a digital signature works :

  • The sender calculates a hash value for your message and encodes it with your private key (the digital signature).
  • The message is sent to the recipient along with the encoded hash value .
  • The recipient generates a hash value of the received message using the same hash function . Also, it decrypts the received hash value with the public key and compares both.
  • If both values match , the recipient can assume that the message has not been tampered with on the transmission path.

Remember: a digital signature does not encrypt the message , but provides proof of its integrity. Confidential content must go through an additional encryption process.

How does the hash function help search functions?

Searching for large amounts of data is a resource-intensive process. Imagine looking for a term in a table with many fields (first name, last name, street, etc.) that contains all the inhabitants of a big city. This can be time consuming and require a lot of computing power. To simplify the process, a hash value is calculated for each data object, which uniquely identifies each entry. To search the table, a hash value is computed again from the search term, which is then compared to the existing hash values . A limited number of letters, digits, and characters are compared to existing letters, digits, and characters. This process is much more efficient than searching all the fields in a data table.

In summary

Hash functions are used to improve security in electronic communication. Security standards have become very sophisticated. However, hackers are also not resting, so the attacks are also becoming increasingly complex.


...