Internet Security - Hashing Algorithms

Questions and Answers

What is the primary purpose of using a salt when hashing passwords?

  • To store passwords in an encrypted format.
  • To ensure that identical passwords have different hashes. (correct)
  • To speed up the hashing process.
  • To simplify the password retrieval process.

Which attack method involves trying every possible combination of characters?

  • Rainbow table attack
  • Brute force attack (correct)
  • Dictionary attack
  • Hash table lookup

Which of the following is a characteristic of rainbow tables?

  • They are pre-computed for cryptographic hash functions. (correct)
  • They are faster than hash table lookups.
  • They use a reverse-lookup approach for cracking passwords.
  • They require no prior knowledge of the password hash.

What should a system display when a user fails to log in?

Invalid username or password.

What does a hash collision indicate in cryptography?

Two different inputs produce the same hash output.

What is the main purpose of hashing algorithms in internet security?

To provide data integrity assurance

What is a characteristic of a cryptographically strong hash function?

Recovering the input data from its digest is computationally infeasible

Which of the following statements about MD5 is true?

It has been widely used in internet applications (although it is no longer considered collision-resistant)

When hashing a password during account creation, what happens to the cleartext password?

It is discarded after hashing and never stored

How does SHA-1 compare to MD5 in terms of performance?

MD5 is slightly faster than SHA-1

What is the output length of a SHA-1 hash?

160 bits

What does 'collision resistance' mean in the context of hashing algorithms?

It is computationally infeasible to find two different inputs that produce the same hash

Which hashing algorithm produces a 128-bit digest?

MD5

What is the main purpose of hashing?

To ensure the authenticity and integrity of messages

Which statement correctly differentiates between encryption and hashing?

Encryption can be reversed to obtain the original plaintext.

What role does adding salt play in hashing?

It makes identical passwords produce different stored hashes, defeating precomputed lookup and rainbow tables.

What is a defining characteristic of hash functions?

They can handle a block of data of any size.

What is the significance of a Hash-based Message Authentication Code (HMAC)?

It is a MAC built from a hash function and a shared secret key, so the tag authenticates the sender as well as the content.

Which of the following describes what non-repudiation in hashing ensures?

The sender cannot deny sending the message.

Which property should a hash function ideally have?

It should produce outputs that vary dramatically with similar inputs.

What does the term 'message integrity' refer to in the context of hashing?

It allows verification that the message content has not been altered.

What is the primary vulnerability of MD5 that limits its current use?

Collisions can be found on a single notebook within minutes.

Which of the following hashing functions produces a 160-bit hash value?

SHA-1

In the context of hash algorithms, what does 'collision' refer to?

Two messages that result in the same hash value.

What is the purpose of a Message Authentication Code (MAC)?

To verify the integrity of a message and the identity of its sender using a shared secret key.

Which hashing algorithm is recommended for current use?

SHA-256

What is a common characteristic of all secure hash algorithms?

They should be resistant to the birthday attack.

What does HMAC stand for?

Hash-based Message Authentication Code

How many rounds does SHA-1 perform when computing a hash value?

4 rounds of 20 steps each (80 steps in total)

Flashcards

Hashing Algorithm

A one-way function that takes data of any length and produces a fixed-length hash (fingerprint).

MD5

A hashing algorithm that produces a 128-bit hash.

SHA-1

A hashing algorithm that produces a 160-bit hash and is slightly slower than MD5.

Hash

A fixed-length output (fingerprint) obtained from a hashing algorithm applied to data.

Password Hashing

Storing passwords as hashes instead of plain text to improve security.

Data Integrity

Ensuring that data has not been altered during transmission or storage.

Collision Resistance

A property that makes it extremely unlikely for two different inputs to produce the same hash.

One-way function

A function that is easy to compute in one direction but extremely difficult to compute in the reverse direction.

Dictionary Attack

A password attack that tries common words and phrases as passwords.

Brute-Force Attack

Trying every possible combination of characters to guess a password.

Hash Collision

Two different inputs producing the same hash value.

Hash Function

A public function that creates a fixed-size hash value from any size input.

Hash Value

The fixed-size output of a hashing algorithm.

Message Integrity

Verifying that a message has not been altered during transmission.

Non-Repudiation

Preventing someone from denying they sent a message.

HMAC (Hash-based Message Authentication Code)

A method combining hashing and a secret key for message authentication.

Encryption vs Hashing

Encryption is reversible, hashing is not.

Formal Hash Function Requirements

Accepts input of any size, produces a fixed-size output, and is computationally fast.

One-way Property

A hashing function should be difficult to reverse. Given a hash, finding the original input is practically impossible.

Weak Collision Resistance

Given a particular input, it is very difficult to find a different input that produces the same hash output (also called second-preimage resistance).

Strong Collision Resistance

Finding any two distinct inputs that generate the same hash output is computationally infeasible.

Birthday Attack

A method to find collisions in hash functions by exploiting the mathematical probability of finding two items (like birthdays) with the same value within a limited sample size.

MAC (Message Authentication Code)

A way to verify the integrity of a message and authenticate the sender using a shared secret key. It provides assurance that the message hasn't been tampered with.

Study Notes

Internet Security - Hashing Algorithms

  • Hashing algorithms are used for data integrity assurance
  • They are based on one-way mathematical functions
  • Input data produces a fixed-length digest (fingerprint) of output data
  • Digests are cryptographically strong; recovering the original data from the digest is computationally infeasible
  • Well-known hash functions include:
    • Message Digest 5 (MD5) – 128 bits digest
    • Secure Hash Algorithm 1 (SHA-1) – 160 bits digest

Key Hash Functions

  • MD5 (Message Digest 5):
    • Designed by Ron Rivest in 1991 as a strengthened successor to MD4, addressing vulnerabilities found in MD4
    • Computes a 128-bit hash value over 512-bit blocks in 4 rounds of 16 steps each
    • Widely used for file integrity checking
    • The 128-bit output is considered too short for current use
    • Practical collision attacks were published in 2005; collisions can now be found on a single notebook within minutes, so MD5 must not be used where collision resistance matters
  • SHA (Secure Hash Algorithm):
    • Designed by the NSA; the original SHA was published by NIST in 1993 and revised as SHA-1 in 1995
    • Family of functions: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
    • SHA-256 is the current recommendation
  • SHA-1 (Secure Hash Algorithm 1):
    • Computes a 160-bit hash value over 512-bit blocks in 4 rounds of 20 steps each (80 steps in total)
    • A NIST-approved message digest algorithm, now deprecated for signatures and certificates since a practical collision was demonstrated in 2017

Birthday Attack

  • Collisions: Two messages with the same hash value
  • Based on the birthday paradox: for an n-bit digest, a collision is expected after about 2^(n/2) hash computations, far fewer than the 2^n needed to match one specific digest
  • Hash algorithms should resist this attack; in practice the digest must be long enough that 2^(n/2) work is infeasible (MD5's 128 bits give only 2^64, one reason it is considered too short)
  • Ideally each input generates a unique digest; since inputs outnumber digests, the realistic goal is that collisions exist but cannot be found

Hash Collision

  • Hash functions map arbitrary amounts of data into fixed-length strings
  • Due to the nature of fixed output lengths, some inputs inevitably hash into the same string
  • Cryptographic hash functions are designed to make these collisions difficult to find
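
The collision and birthday-paradox points above, as an added example that is not part of the original lesson. It truncates SHA-256 to a small number of leading bits (a toy width chosen only so the search completes quickly; a real 256-bit digest cannot be attacked this way) and contrasts the work needed to find any collision with the work needed to match one fixed digest. The message strings are constructed inputs.

```python
import hashlib
from typing import Dict, Optional, Tuple


def truncated_sha256(data: bytes, bits: int) -> int:
    """Return the leading `bits` bits of SHA-256(data) as an integer.

    Truncating a real hash to a toy width (an assumption for this demo) lets the
    birthday bound be observed in milliseconds instead of centuries.
    """
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_collision(bits: int) -> Tuple[bytes, bytes, int]:
    """Birthday attack: hash distinct messages until two share a truncated digest.

    Returns (message_a, message_b, attempts). Expected attempts are on the order
    of 2**(bits/2) (about sqrt(pi/2 * 2**bits)), because every new digest is
    compared against all digests seen so far rather than against one fixed target.
    """
    seen: Dict[int, bytes] = {}
    attempts = 0
    while True:
        message = f"message-{attempts}".encode()  # constructed, distinct inputs
        attempts += 1
        h = truncated_sha256(message, bits)
        if h in seen:
            return seen[h], message, attempts
        seen[h] = message


def find_second_preimage(target: bytes, bits: int,
                         max_attempts: Optional[int] = None) -> Optional[Tuple[bytes, int]]:
    """Second-preimage search: find a different message with the same truncated digest as `target`.

    Expected attempts are on the order of 2**bits, since each guess must match one
    specific value. Returns None if max_attempts (default 64 * 2**bits) is exhausted.
    """
    goal = truncated_sha256(target, bits)
    limit = max_attempts if max_attempts is not None else 64 * (1 << bits)
    for attempts in range(1, limit + 1):
        candidate = f"candidate-{attempts}".encode()  # never equal to a "message-*" target
        if candidate != target and truncated_sha256(candidate, bits) == goal:
            return candidate, attempts
    return None


if __name__ == "__main__":
    a, b, n = find_collision(24)
    print(f"collision after {n} hashes (birthday estimate: a few thousand): "
          f"{a!r} and {b!r} both start with {truncated_sha256(a, 24):06x}")
    hit = find_second_preimage(b"message-0", 16)
    if hit is not None:
        print(f"second preimage after {hit[1]} hashes (2**16 = 65536 expected): {hit[0]!r}")
```

With a 24-bit width, find_collision typically succeeds after a few thousand hashes, while find_second_preimage against a 16-bit target needs on the order of 65536: the narrower second-preimage search still costs more than the collision search on the wider digest. This is why a 128-bit MD5 digest offers at most about 2^64 birthday security even before its structural weaknesses are considered.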

Password Hashing

  • Account creation: the password is hashed and only the hash is stored in the database
  • Never store cleartext passwords
  • At login, the attempted password is hashed the same way and compared with the stored hash
  • Users gain access only if the hashes match
  • Never tell the user whether the username or the password was wrong; return a single generic message such as "Invalid username or password"

How to crack Hashed Passwords

  • Dictionary attack: a file of common passwords (words, phrases) is hashed entry by entry and each hash is compared with the victim's stored hash
  • Brute-force attack: tries every possible combination of characters up to a given length
  • Hash table lookup: precompute the hash of every password in a dictionary and store hash -> password pairs; cracking is then a single lookup per account. Faster than rainbow tables but needs significant storage
  • Reverse-lookup table: build a table from the stolen password database mapping each stored hash to the users who have it, then hash each guess once and look it up; because unsalted identical passwords produce identical hashes, one guess cracks every account sharing that password at once
  • Rainbow table: a precomputed table for reversing cryptographic hash functions (usually for cracking passwords); hash chains trade lookup time for storage, so it is more compact than a full hash table but slower to query

Adding Salt

  • Lookup tables, reverse-lookup tables and rainbow tables work only when every password is hashed exactly the same way
  • Randomize hashes by appending or prepending a random string (salt) to the password before hashing; the salt is stored alongside the hash and need not be secret
  • Use a fresh random salt for every account rather than one global salt, so two users with the same password get different hashes and a precomputed table cannot be reused across accounts
  • Salting does not slow down a per-account brute-force or dictionary attack; for that, a deliberately slow password hashing function (PBKDF2, bcrypt, scrypt or Argon2) is used instead of a bare MD5 or SHA digest
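
The account-creation, login and cracking steps above, as an added example that is not part of the original lesson. It contrasts a bare SHA-256 hash, against which one precomputed table cracks every account, with a per-account random salt plus a slow PBKDF2-HMAC-SHA256 derivation, and it shows the generic login error. WORDLIST and the user records are constructed for the demo; PBKDF2 is an assumption chosen as one widely available slow hash, not something the lesson specifies.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

# Constructed wordlist standing in for a real dictionary file (assumption for this demo).
WORDLIST = ["123456", "password", "qwerty", "letmein", "hunter2", "dragon"]
ITERATIONS = 100_000  # PBKDF2 work factor; raise as hardware gets faster


def unsalted_hash(password: str) -> str:
    """Bare SHA-256 of the password: identical passwords give identical hashes."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words: Iterable[str]) -> Dict[str, str]:
    """Hash-table lookup attack: precompute hash -> password for every word once."""
    return {unsalted_hash(w): w for w in words}


def crack_unsalted(stored_hash: str, table: Dict[str, str]) -> Optional[str]:
    """One dictionary lookup per account; the precomputation is reused for every victim."""
    return table.get(stored_hash)


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Salted, slow password hash (PBKDF2-HMAC-SHA256) stored as salt$iterations$hash.

    The salt is random per account and stored in the clear; the iteration count
    makes every guess expensive for the attacker as well as for the server.
    """
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{salt.hex()}${iterations}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and iteration count; compare in constant time."""
    salt_hex, iterations, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def crack_salted(stored: str, words: Iterable[str]) -> Optional[str]:
    """Dictionary attack on a salted record: every guess must be re-hashed with this
    record's own salt, so nothing can be precomputed or shared across accounts."""
    for w in words:
        if verify_password(w, stored):
            return w
    return None


# Dummy record (random secret) used to keep login timing uniform for unknown usernames.
DUMMY_RECORD = hash_password(os.urandom(16).hex())


def login(username: str, password: str, users: Dict[str, str]) -> str:
    """Authenticate against a dict of username -> stored record.

    Returns the same generic message whether the username is unknown or the
    password is wrong, and always performs one hash so the response time does
    not reveal whether the username exists.
    """
    stored = users.get(username)
    ok = verify_password(password, stored if stored is not None else DUMMY_RECORD)
    if stored is not None and ok:
        return "Login successful"
    return "Invalid username or password"
```

Against the unsalted hashes, build_lookup_table runs once and crack_unsalted then costs a dictionary lookup per account; against the salted records the attacker is forced back to crack_salted, which repeats the full PBKDF2 work per guess per account.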

Encryption vs Hashing

  • Use of key: encryption uses a key; hashing needs no key, although a salt (or, for HMAC, a secret key) may be mixed into the input before hashing
  • Length of result: encryption output is similar in length to the input; hash output has a fixed short length regardless of the input size
  • Reversibility: encryption is reversible (ciphertext can be decrypted to plaintext); hashing is a one-way function and cannot be "de-hashed" back to the original string

Purpose of Hashing

  • Non-repudiation: when the digest is signed with the sender's private key, the sender cannot deny what has been sent
  • Detect doctored messages: the receiver recomputes the digest of the received message and compares it with the digest that was sent
  • Messages and their digests are sent together for verification; a bare digest only detects accidental corruption, since an attacker who can change the message can also recompute its digest, so a MAC or signature is needed against deliberate tampering
  • Salt does not reduce collisions of the hash function itself; it ensures identical passwords produce different stored hashes and defeats precomputed tables

Terminology

  • Message encryption: the ciphertext of the entire message serves as the authenticator
  • Message authentication code (MAC): a public function of the message and a secret key that produces a fixed-length value serving as the authenticator
  • Hash function: a public function that maps a message of any length into a fixed-length hash value serving as the authenticator
  • Hash-based Message Authentication Code (HMAC): a MAC built from a hash function and a shared secret key
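
The authenticator terminology above, together with the earlier point that a message and its digest are sent together, as an added example that is not part of the original lesson. It shows why a bare digest detects only accidental corruption (an attacker who changes the message simply recomputes it), while an HMAC over a shared secret rejects the same tampering. The payment message is a constructed sample, and HMAC-SHA256 is one assumed choice of MAC.

```python
import hashlib
import hmac
import os
from typing import Tuple

# Constructed sample message (assumption for this demo): a payment instruction in transit.
MESSAGE = b"pay=100.00;to=alice;ref=42"


def digest_only(message: bytes) -> bytes:
    """Bare SHA-256 digest: detects accidental corruption, but anyone can recompute it."""
    return hashlib.sha256(message).digest()


def verify_digest_only(message: bytes, digest: bytes) -> bool:
    """Receiver-side check when only an unkeyed digest accompanies the message."""
    return hmac.compare_digest(digest_only(message), digest)


def make_mac(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: the tag depends on a shared secret, so only key holders can produce it."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time comparison, so a byte-by-byte mismatch does not leak timing."""
    return hmac.compare_digest(make_mac(key, message), tag)


def tamper(message: bytes) -> bytes:
    """A man-in-the-middle rewriting the amount in transit."""
    return message.replace(b"pay=100.00", b"pay=999.00")


def attack_digest_only(message: bytes, digest: bytes) -> Tuple[bytes, bytes, bool]:
    """Attacker alters the message and recomputes the digest; the receiver accepts it."""
    forged = tamper(message)
    forged_digest = digest_only(forged)
    return forged, forged_digest, verify_digest_only(forged, forged_digest)


def attack_mac(key: bytes, message: bytes, tag: bytes) -> Tuple[bytes, bool]:
    """Attacker alters the message but has no key, so the old tag no longer verifies."""
    forged = tamper(message)
    return forged, verify_mac(key, forged, tag)


if __name__ == "__main__":
    key = os.urandom(32)  # shared between sender and receiver out of band
    d = digest_only(MESSAGE)
    print("digest only, tampered message accepted:", attack_digest_only(MESSAGE, d)[2])
    t = make_mac(key, MESSAGE)
    print("HMAC, genuine message accepted:", verify_mac(key, MESSAGE, t))
    print("HMAC, tampered message accepted:", attack_mac(key, MESSAGE, t)[1])
```

The receiver uses hmac.compare_digest in both paths rather than ==, so the comparison takes the same time whether the first byte or the last byte differs; a plain string comparison would let an attacker forge a tag one byte at a time by timing rejections.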

Message Integrity

  • Allows verification of received messages' authenticity
  • Ensures message content hasn't been altered
  • Checks source of message and its temporal integrity
  • Maintains sequence of messages

Formal Requirements of Hash Function

  • H() can be applied to a block of data of any size
  • H() produces a fixed-length output
  • H(x) is relatively easy to compute for any given x
  • One-way property (preimage resistance): given a hash value h, it is computationally infeasible to find any input X with H(X) = h
  • Weak collision resistance (second-preimage resistance): given an input X, it is computationally infeasible to find another input X' with X' ≠ X and H(X') = H(X)
  • Strong collision resistance: it is computationally infeasible to find any pair of distinct inputs X and Y with H(X) = H(Y)

Other Important Details

  • Hashes are used in digital signatures: the digest, not the whole message, is signed, giving verifiability and non-forgeability analogous to a handwritten signature
  • HMAC is a popular MAC standard that addresses subtle flaws in naive keyed-hash constructions such as H(key || message), which is vulnerable to length-extension attacks with MD5, SHA-1 and SHA-256
