Introduction to Cryptography

Hashing

Broadly speaking, hashing is the act of acquiring the hash value of a digital file. More specifically, it is the process of using a hash function to transform data of any size into a fixed-size string.

What is it?

A hash is a digital fingerprint. Just like a fingerprint, a hash uniquely identifies a file. A hash is derived through the use of a hash function.

Hash Functions

They are mathematical algorithms that convert data of any size into a fixed-size string of characters known as a hash value, hash code, or digest.

The common algorithms are:

  • MD5
  • SHA-1
  • SHA-256

All these algorithms produce a fixed-size string with very specific properties.

Strict Definition

A one-way mathematical process that takes any input data (a file, a password, a message) and produces a fixed-size, unique string of characters.


Properties of a Hash

1. Deterministic

The same input always produces the same hash.

Use-Case

This ensures reproducibility of evidence.

2. Pre-Image Resistance

Given a hash, it is computationally infeasible to find the original data.

Use-Case

This is crucial for protecting passwords in databases.

3. Second Pre-Image Resistance

It is computationally infeasible to find a different input that matches a given hash.

Use-Case

This prevents document forgery.

4. Collision Resistance

It is computationally infeasible to find two different inputs that produce the same hash.

Use-Case

This guarantees the uniqueness of digital evidence fingerprints.

5. Avalanche Effect

A tiny change in the input results in a massive, unpredictable change in the output.

Use-Case

This makes hashes extremely sensitive to data alteration.
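
The properties above can be measured directly. The following Python script is an added example, not part of the original page: it checks determinism and fixed output size for MD5, SHA-1 and SHA-256, and counts how many output bits flip when a single character is appended to a constructed sample input.

```python
import hashlib

ALGORITHMS = ("md5", "sha1", "sha256")  # the three algorithms listed on this page


def digest_hex(data: bytes, algorithm: str = "sha256") -> str:
    """Return the hex digest of data under the named algorithm."""
    return hashlib.new(algorithm, data).hexdigest()


def bit_difference(hex_a: str, hex_b: str) -> int:
    """Count the bits that differ between two equal-length hex digests."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must come from the same algorithm")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def property_report(original: bytes, altered: bytes) -> dict:
    """Measure determinism, fixed output size and avalanche per algorithm."""
    report = {}
    for name in ALGORITHMS:
        first = digest_hex(original, name)
        changed = digest_hex(altered, name)
        total_bits = len(first) * 4  # each hex character encodes 4 bits
        flipped = bit_difference(first, changed)
        report[name] = {
            "digest_bits": total_bits,
            # Hashing the same bytes a second time must give the same digest.
            "deterministic": first == digest_hex(original, name),
            # A much larger input still yields a digest of the same length.
            "fixed_size": len(digest_hex(original * 10_000, name)) == len(first),
            "bits_changed": flipped,
            "fraction_changed": flipped / total_bits,
        }
    return report


if __name__ == "__main__":
    # Constructed sample input: a last name, then the same name plus one ".".
    for name, row in property_report(b"Dela Cruz", b"Dela Cruz.").items():
        print(f"{name:7} {row['digest_bits']:3} bits  "
              f"deterministic={row['deterministic']}  "
              f"fixed_size={row['fixed_size']}  "
              f"changed={row['bits_changed']} ({row['fraction_changed']:.0%})")
```

For a well-behaved hash function, roughly half of the output bits change, whichever single character is altered.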


Practical Command-line

TIP

It might be harder at first, but practising these commands and using them daily will eventually make you more efficient and versatile.

Shell/Terminal

Windows PowerShell

Command

Get-FileHash FullFilePath -Algorithm SHA256

Output

Algorithm       Hash                                                                   Path
---------       ----                                                                   ----
SHA256          068D5DCA983B22ED36A00DEA7D42E58B646F0AC495885892F5746357F39A0470       C:\Users\username\filename.ext

Linux/MacOS/Termux

Command

sha256sum FullFilePath

Output

068d5dca983b22ed36a00dea7d42e58b646f0ac495885892f5746357f39a0470 */c/Users/username/filename.ext

Comparing Hashes

In the previous section, you will notice that the output goes directly to the console or terminal display. In this section, note how the output is redirected, or how sections of it are extracted, depending on the shell that you are using.

Windows PowerShell

Compare-Object (Get-FileHash FullFilePath -Algorithm SHA256).Hash 068D5DCA983B22ED36A00DEA7D42E58B646F0AC495885892F5746357F39A0470

PowerShell Info

Compare-Object will not output anything if the compared values are equal.

TIP

Windows PowerShell prints hash values in uppercase, while Linux tools generate them in lowercase.

Linux/MacOS/Termux

In the example command below, we are redirecting the output of the command to a file using the > operator.

sha256sum FullFile1Path | cut -d' ' -f 1 > file1_hash.sha256
sha256sum FullFile2Path | cut -d' ' -f 1 > file2_hash.sha256
cmp file1_hash.sha256 file2_hash.sha256

Command-line Info

The | operator forwards the output of a command to the command immediately after it.

The cut command on Linux or Unix-based systems allows us to remove sections from a line. The -d option specifies the delimiter used to split the line into sections, while the -f option specifies which field we want returned.

Danger

In output redirection, the > operator will overwrite all contents of the file, if the file already exists.
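
A recorded hash may arrive as Get-FileHash output in uppercase or as a whole sha256sum line in lowercase, so a comparison has to normalise both forms first. The Python sketch below is an added example, not part of the original page; the function names and the temporary file contents are constructed for illustration, and the two reference values are the outputs shown earlier on this page.

```python
import hashlib
import os
import tempfile

# The two outputs shown earlier on this page (PowerShell and sha256sum).
PAGE_POWERSHELL = "068D5DCA983B22ED36A00DEA7D42E58B646F0AC495885892F5746357F39A0470"
PAGE_SHA256SUM = ("068d5dca983b22ed36a00dea7d42e58b646f0ac495885892f5746357f39a0470"
                  " */c/Users/username/filename.ext")


def file_digest(path: str, algorithm: str = "sha256") -> str:
    """Hash a file in chunks so large files never load fully into memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def normalise_expected(text: str, algorithm: str = "sha256") -> str:
    """Accept a bare digest, uppercase hex, or a full sha256sum output line."""
    fields = text.split()
    digest = fields[0].lower() if fields else ""
    wanted = hashlib.new(algorithm).digest_size * 2  # hex characters expected
    if len(digest) != wanted or any(c not in "0123456789abcdef" for c in digest):
        raise ValueError(f"not a {algorithm} hex digest: {text!r}")
    return digest


def verify_file(path: str, expected: str, algorithm: str = "sha256") -> bool:
    """True only when the file's current digest equals the recorded one."""
    return file_digest(path, algorithm) == normalise_expected(expected, algorithm)


def verification_demo() -> dict:
    """Constructed walk-through: record a hash, verify it, then alter the file."""
    results = {"page_outputs_match": normalise_expected(PAGE_POWERSHELL)
               == normalise_expected(PAGE_SHA256SUM)}
    with tempfile.TemporaryDirectory() as folder:
        path = os.path.join(folder, "sample.txt")
        with open(path, "wb") as fh:
            fh.write(b"constructed sample content")
        recorded = file_digest(path)
        results["uppercase"] = verify_file(path, recorded.upper())
        results["sha256sum_line"] = verify_file(path, f"{recorded} *{path}")
        with open(path, "ab") as fh:
            fh.write(b".")  # one added byte
        results["after_edit"] = verify_file(path, recorded)
    return results
```

Rejecting a reference value of the wrong length catches a truncated copy-paste before it can be mistaken for a mismatch in the file itself.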


Activities

The activities listed here are designed to give you a practical understanding of the five properties of a good hash algorithm and the value that it provides.

Activity 1

  1. In Windows PowerShell, create the directory cert-ph in C:\.
  2. Inside that directory, create a name.txt file and write down your last name. There should be no other characters inside the file other than your last name.
  3. Get the md5 hash of that file and save it as name.md5
  4. Get the sha1 hash of that file and save it as name.sha1
  5. Get the sha256 hash of that file and save it as name.sha256
  6. Individually verify all the hashes against the file name.txt

Activity 2

  1. Rename name.txt to pangalan.txt
  2. Get the hash of the file pangalan.txt
  3. Edit pangalan.txt, and introduce a . anywhere inside the file.
  4. Individually verify all the hashes against the file name.txt

Activity 3

  1. Download a small image online and save it under C:\cert-ph. Save it with the following name: sample-image-00
  2. Get the hash value of sample-image-00.
  3. Make a copy of that file in the same directory. Save it as sample-image-01
  4. Get the hash value of sample-image-01.
  5. Make a copy of sample-image-01 in the same directory, save it as sample-image-02, and use file properties to add some metadata into the image.
  6. Get the hash value of sample-image-02 with a modified metadata file.
  7. Make a copy of sample-image-02 in the same directory, save it as sample-image-03, and simply remove the metadata that you added into the image.
  8. Get the hash value of sample-image-03 with a modified metadata file.

Synthesis

  • Does renaming a file change the hash?
  • What does it take to change the hash of a piece of data?
  • Can you tell for sure that the file has not been modified? If yes, how and why?

Hash Table

Definition

A hash table is a data structure that allows for extremely fast lookups by using a hash function to map a key to a specific location, or bucket, within an array.

key                                    value
---                                    -----
6e7931a650d82fa4f83332bebe8ad018       21
183ee5c38f5718616e4d909d5298b395       20
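
To make the definition concrete, here is a small hash table in Python, added as an example and not part of the original page. The class, its method names and the keys are constructed for illustration; the values 21 and 20 are the ones in the table above. It reduces a SHA-256 digest to a bucket index and keeps keys that land in the same bucket side by side.

```python
import hashlib


class HashTable:
    """Fixed-size array of buckets; each bucket holds (key, value) pairs."""

    def __init__(self, bucket_count: int = 8):
        self.buckets = [[] for _ in range(bucket_count)]

    def bucket_index(self, key: str) -> int:
        """Hash the key, then reduce the digest to a position in the array."""
        digest = hashlib.sha256(key.encode("utf-8")).digest()
        return int.from_bytes(digest[:8], "big") % len(self.buckets)

    def put(self, key: str, value) -> None:
        bucket = self.buckets[self.bucket_index(key)]
        for i, (existing, _) in enumerate(bucket):
            if existing == key:
                bucket[i] = (key, value)  # same key: replace the old value
                return
        bucket.append((key, value))  # new key, possibly sharing the bucket

    def get(self, key: str, default=None):
        # Only one bucket is searched, however many keys the table holds.
        for existing, value in self.buckets[self.bucket_index(key)]:
            if existing == key:
                return value
        return default

    def longest_bucket(self) -> int:
        return max(len(bucket) for bucket in self.buckets)


def hash_table_demo() -> dict:
    table = HashTable(bucket_count=4)
    # Constructed keys; five keys in four buckets force at least one shared bucket.
    for key, value in [("user-a", 21), ("user-b", 20), ("user-c", 19),
                       ("user-d", 18), ("user-e", 17)]:
        table.put(key, value)
    table.put("user-b", 22)  # an update, not a second entry
    return {
        "user-a": table.get("user-a"),
        "user-b": table.get("user-b"),
        "missing": table.get("nobody"),
        "shared_bucket": table.longest_bucket() >= 2,
    }
```

Two keys sharing a bucket is normal here because the digest is reduced to a handful of positions; it is not a collision in the hash function itself, and the stored key is what tells the entries apart.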
