Sunday, January 24, 2010

Hashing

When preparing for the CompTIA Security+ SY0-201 exam, you'll come across the following objective related to hashing:
5.2 Explain basic hashing concepts and map various algorithms to appropriate applications.
  • SHA
  • MD5
In short, a hash is a number created by applying an algorithm to a file or a message. The same hashing algorithm will always return the same hash (the same number) when applied to an unchanged file or message. Hashing is used to verify integrity, which is an important element of the security triad.

As an example, imagine that a message of "Hello" needs to be sent. Assume that the hashing algorithm calculates the hash as 1234. Both the message and the hash are sent.

When the message is received, the hash is calculated on the received message. This results in a hash of 1234, which is then compared to the original hash of 1234. Since both hashes are the same, the message has not lost data integrity.

What if the message is changed?

Imagine that the message of "Hello" is sent with the hash of 1234.  However, the message is modified in transit and the received message is "Goodbye". 

The hash of "Goodbye" is 5678.  The hash of the received message (5678) is compared to the original hash (1234) and it's apparent the hashes are not the same.  The message has lost data integrity.

Applications can be used to calculate hashes and perform the comparisons automatically. When the hashes don't match, a message appears informing the user of the loss of data integrity.

MD5 is a hashing algorithm that produces a 128-bit hash. SHA-1 is a hashing algorithm that produces a 160-bit hash.
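The "Hello" / "Goodbye" walkthrough above can be run with real MD5 and SHA-1 hashes in place of the made-up 1234 and 5678. This is an added example, not code from the original post; the function names and the packet layout are assumptions chosen for illustration.

```python
import hashlib

# The two algorithms named in the post: MD5 (128-bit) and SHA-1 (160-bit).
ALGORITHMS = ("md5", "sha1")


def compute_hash(message: bytes, algorithm: str) -> str:
    """Return the hex digest of message under the named algorithm."""
    return hashlib.new(algorithm, message).hexdigest()


def digest_bits(algorithm: str) -> int:
    """Return the hash length in bits for the named algorithm."""
    return hashlib.new(algorithm).digest_size * 8


def send(message: bytes, algorithm: str) -> dict:
    """Sender side: transmit both the message and its hash."""
    return {
        "algorithm": algorithm,
        "message": message,
        "hash": compute_hash(message, algorithm),
    }


def verify(packet: dict) -> bool:
    """Receiver side: recompute the hash and compare it to the one sent."""
    recomputed = compute_hash(packet["message"], packet["algorithm"])
    return recomputed == packet["hash"]


def demo() -> list:
    """Run the unchanged and modified cases for each algorithm."""
    results = []
    for algorithm in ALGORITHMS:
        packet = send(b"Hello", algorithm)
        intact_ok = verify(packet)
        # Constructed tampering: the message changes in transit while the
        # original hash travels with it unchanged.
        tampered = dict(packet, message=b"Goodbye")
        modified_ok = verify(tampered)
        results.append((algorithm, digest_bits(algorithm), intact_ok, modified_ok))
    return results


if __name__ == "__main__":
    for algorithm, bits, intact_ok, modified_ok in demo():
        print(f"{algorithm}: {bits}-bit hash, "
              f"unchanged verifies={intact_ok}, modified verifies={modified_ok}")
```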

Here's a practice question on hashing.

Good luck with your studies.

Darril Gibson