CompTIA Security+ Exam Notes

Let Us Help You Pass

Saturday, April 18, 2020

Hashing Algorithms: MD5, SHA, RIPEMD, & HMAC

HASHING

Hashing is used to verify integrity, making sure the media has not been altered, changed, or modified by accidental or intentional means. Hashing can also be called a checksum or message digest. 

A hash is a one-way function that produces a fixed-length output. This output cannot be reversed to produce the original input. Hashing only alerts you to the fact that something has changed; in other words, that it has lost its integrity.

Hashing is used for many reasons:
1. The most common and widely used application is with passwords. When an individual logs in to the PC, their password is hashed and compared against the stored hashes; if it matches, the user is authenticated.

2. Sometimes hashing is used to make sure financial records have not been changed. This process can be performed daily, weekly, or monthly. This is referred to as "file integrity monitoring."

3. File integrity monitoring can be used to check the hash value of image files. If the "hash value has changed" on website images, or other images being sent or stored at the organization, then the most likely explanation is someone is using "steganography" to hide stolen data.

4. A file integrity program can be run against configuration files on network devices, comparing them to the previous week's or month's hashes to look for changes.

5. Vendors sometimes provide hashes for applications, patches, and updates so you can verify that you received the entire download and that it has not been modified. You would need to run a hashing algorithm on the file to see if the hash matches the one on the website.



HASHING ALGORITHMS

MD5 - Message-Digest 5 uses a 128-bit hash value. It is the fastest of the hashing algorithms but has documented collisions. Despite being deprecated, it is still one of the most widely used hashing programs.

SHA/SHA-1 - Secure Hash Algorithm. SHA was created to address the weaknesses of MD5. Both SHA and SHA-1 use a 160-bit digest. 

SHA-2 was created to address the problems with SHA-1. SHA-2 uses longer digests (256, 384, & 512).

RIPEMD - RACE Integrity Primitives Evaluation Message Digest. Produces performance and encryption strength similar to SHA-1.

HMAC - Hash-based Message Authentication Code is used to verify both the integrity and authenticity of a message. It combines a hash function and a secret key. 
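
The following Python example is added here and is not from the original notes: it reports the digest lengths listed above and shows that a plain hash detects a change, while only an HMAC tag ties the message to a secret key. The key, the messages, and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Algorithms from the notes; RIPEMD is left out because hashlib only
# offers it when the local OpenSSL build does.
ALGORITHMS = ("md5", "sha1", "sha256", "sha384", "sha512")


def digest_bits(name: str) -> int:
    """Fixed output length of a hash algorithm, in bits."""
    return hashlib.new(name).digest_size * 8


def file_hash(data: bytes) -> str:
    """Plain SHA-256: no key, so anyone can recompute it."""
    return hashlib.sha256(data).hexdigest()


def make_tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA-256: computing the tag requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, data: bytes, tag: str) -> bool:
    """Compare in constant time so timing does not leak the tag."""
    return hmac.compare_digest(make_tag(key, data), tag)


def demo() -> dict:
    key = b"constructed-shared-secret"       # constructed sample key
    original = b"pay 100 to account 12345"   # constructed sample message
    altered = b"pay 900 to account 12345"    # same length, one digit changed
    tag = make_tag(key, original)
    # A tag made without the real key (constructed wrong key) never verifies.
    keyless_tag = make_tag(b"not-the-key", altered)
    return {
        "bits": {name: digest_bits(name) for name in ALGORITHMS},
        "hash_changed": file_hash(original) != file_hash(altered),
        "hash_hex_len": len(file_hash(altered)),
        "original_ok": verify_tag(key, original, tag),
        "altered_ok": verify_tag(key, altered, tag),
        "keyless_ok": verify_tag(key, altered, keyless_tag),
    }


if __name__ == "__main__":
    for field, value in demo().items():
        print(field, value)
```

The altered message is the same length as the original, yet its hash differs completely and its output is still 64 hex characters, which is the fixed-length property described under HASHING.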
