What is Cryptographic Hash (cryptographic hash function)?

The cryptographic hash function or cryptographic hash is an algorithm that can run on data as a single file or password to create a value called a checksum.

The main use of cryptographic hash functions is to verify the authenticity of a piece of data. Two files can only be considered identical if the checksum is created from each file, using the same cryptographic hash function.

Some commonly used cryptographic hash functions include MD5 and SHA-1 (besides, there are also many other functions that exist).

Cryptographic hash functions are often referred to as "hash functions", but that is not technically correct. Hash functions are a generic term that includes cryptographic hash functions along with other types of algorithms such as Cyclic Redundancy Check.

Use case of cryptographic hash function

What is Cryptographic Hash (cryptographic hash function)? Picture 1

Suppose you want to download the latest version of Firefox browser. For some reason, you need to download from a website other than Mozilla. Since it is not hosted on a website you trust, you want to make sure that the installation file you just downloaded is the same as the file provided by Mozilla.

Using the calculation tool, you can calculate checksums with a specific cryptographic hash function, such as SHA-2, then compare with the checksum published on the Mozilla website. If they are the same, you can be sure that the download you have is the same version as on Mozilla.

Can cryptographic hash functions be reversed?

Cryptographic hash functions are designed to prevent the ability to reverse checksum that they generate back to the original text. Although they are almost impossible to reverse, they cannot guarantee 100% data protection.

Hackers can use rainbow tables to find out the plain text of a checksum. Rainbow table is a 'dictionary' that lists thousands, millions or even billions of checksum along with their corresponding plain text values.

Although the hash cryptographic algorithm does not reverse engineering, this can happen, because the implementation is simple. In fact, since no rainbow table can list all existing checksum, they are often useful only for simple phrases like weak passwords.

This is a simple version of rainbow table to show how it works when using SHA-1 cryptographic hash function:

Examples of the Rainbow Table Plaintext checksum using cryptographic hash function SHA-1 12345 8cb2237d0679ca88db6464eac60da96345513964 password1 e38ad214943daad1d64c102faec29de4afe9da3d ilovemydog a25fb3505406c9ac761c8428692fbf5d5ddf1316 Jenny400 7d5eb0173008fe55275d12e9629eef8bdb408c1f dallas1984 c1ebe6d80f4c7c087ad29d2c0dc3e059fc919da2

A hacker must know which cryptographic hash algorithm has been used to generate checksum and find values.

For additional protection, some user password storage sites perform additional functions on the cryptographic hash algorithm, after the value is created but before it is stored.This process creates a new value that only the web server understands and does not match the original checksum.

For example, after you enter the password and checksum created, it can be split into multiple sections and rearranged before being saved in the password database, or certain characters can be converted. change to another.When attempting to authenticate the next time, when the user logs in, the web server reverses this additional function and the original checksum is re-created to verify that the user's password is valid.

Doing these steps will limit the possibility of a hack in which all stolen checksum occurs.The idea is to perform an unspecified function, so if a hacker knows the cryptographic hash algorithm but is not a customized one, knowing the password checksum is not helpful.

Password and cryptographic hash function

What is Cryptographic Hash (cryptographic hash function)? Picture 2

The database stores user passwords in the same way as rainbow table. When your password is entered, the checksum is created and compared with the password written to your username. Then you are granted access if both values ​​are identical.

Assuming a cryptographic hash function creates an irreversible checksum, is it safe to create a simple password like 12345, instead of 12 @ 34 $ 5 ? The answer is no and this is why.

Both passwords cannot be decrypted just by looking at the checksum:

1. Checksum MD5 for 12345: 827ccb0eea8a706c4c34a16891f84e7b
2. Checksum MD5 for 12 @ 34 $ 5: a4d3cc004f487b18b2ccd4853053818b

At first glance, you might think that using either of these passwords is fine. This is true, if the attacker tried to find out your password by guessing the MD5 checksum, but no one does this. Often a Brute Force or Dictionary Attack attack (dictionary attack) will be done, this is a common tactic.

A Brute Force attack occurs when someone makes many attempts to guess the password at random. In this case, it is easy to guess 12345, but it is quite difficult to find difficult passwords at random. A Dictionary Attack attack is similar in that an attacker can try every word, number or phrase from a list of common (and uncommon) passwords, and 12345 is one of those common passwords. .

Although cryptographic hash functions create difficult-to-guess checksums, you should still use a complex password for all your online and local user accounts.

More information about cryptographic hash functions

It seems that cryptographic hash functions are related to encryption, but these two things work in different ways.

Encryption is a two-way process in which something is encoded to be unreadable, and then decoded for normal reuse. You can encrypt the files you have stored so that anyone who accesses them cannot use them or you can use the file transfer encryption feature to encrypt files that are traveling over the network, like the ones you upload. or download online.

What is Cryptographic Hash (cryptographic hash function)? Picture 3

The cryptographic hash functions work differently in that the checksum does not mean to be reversed with a special dehash password. The sole purpose of a cryptographic hash function is to compare two pieces of data, such as when downloading files, storing passwords, and retrieving data from the database.

A cryptographic hash function can create the same checksum for different data sections. When this happens, it is called conflict. This is a big problem when considering the cryptographic hash function to create a unique checksum for each data entered into it.

A possible conflict is because each cryptographic hash function produces a fixed length value regardless of the input data. For example, the MD5 hash function creates 827ccb0eea8a706c4c34a16891f84e7b, 1f633b2909b9c1addf32302c7a497983 and e10adc3949ba59abbe56e057 for three different data blocks.

The first checksum is from 12345. The second checksum is made up of more than 700 letters and the number and the third checksum are from 123456. All three inputs have different lengths, but the result is always only 32 characters long since the MD5 checksum used.

There is no limit to the number of checksum that can be created because each small change in the input is said to produce a completely different checksum. Because there is a limit on the number of checksum that a cryptographic hash function can generate, it is always possible that you will encounter a conflict.

This is why other cryptographic hash functions have been created. While MD5 only generates 32 characters, SHA-1 generates 40 characters and SHA-2 (512) creates values ​​with 128 characters. The more characters the checksum has, the less likely it is to have a conflict.