Understanding the hashing algorithm

October 25, 2022

A hashing algorithm is a function that produces a fixed-length numeric string output from a data string. In most cases, the output string is much shorter than the original data. Since hash algorithms are intended to be collision-resistant, it is very unlikely that two pieces of data would ever produce the same text.

The MD5 (Message-Digest algorithm 5) and the SHA-1 were the most used hashing algorithms. But MD5 and SHA-1 are considered no more secure hashing algorithms since it was hacked and was replaced by a secure SHA-2, which is a more secure hashtag. The SHA-256 algorithm returns hash value of 256-bits or 64 hexadecimal digits.

We would have to go through each and every item in the list if we were to search for anything in it. On the other hand, if we utilized a hashing algorithm to index a place based on the object’s key, we could instantly access its value by traveling to that specific index. Hashing expedites the process of locating an item on a list.

A hash function essentially transfers one piece of data to another. They are used to produce indices and checksums, among other things. Passwords are encrypted and signed using cryptographic hashes. Wikipedia has a well-written explanation that is probably more concise than mine.

Since hashing algorithms are intended to be collision-resistant, it is very unlikely that two pieces of data would ever produce the same text. When transferring or storing digital files, it is standard practice to verify data integrity using SHA-2.

Hash functions are utilized for three main reasons:

A value may map to a location by being hashed into a number for quick search. As a result, a value may be discovered all at once rather than having to be sought in a lengthy list. These types of data collections are referred to as dictionaries, hashmaps, hashtables, hashsets, etc.

Password storing and comparison – a server may keep the hash value rather than the password by employing a one-way hash (i.e., it cannot be reversed). The user’s password is then transformed into the hash value and submitted to the server for comparison when they log in again. As a result, the server never receives or sees the password itself; instead, some value is derivable from the password. It protects the user’s credentials against various espionage techniques.

Data integrity tests, such as CRC hashing, cause hashes to vary considerably even though the data is just slightly changed. This implies that comparing data supplied via a communication channel against a hash may detect data corruption. Most types of networks divide data into packets, each of which contains a hash that allows the recipient to verify that they got the data correctly by comparing the computed hash of the received data to the received hash.

Thus, the “issues” that hashing algorithms addressed were:

• locating a certain item in a long list without having to hunt for it.
• saving “passwords” and login information without ever transmitting or really keeping any such information.
• ensuring that no damaged data is received after being transmitted.

Learn more by registering for CISSP by calling (416) 471-4545 or visiting http://www.cybercert.ca

Sam Fareed

Lead Instructor qualified in CISSP, CCIE, and MCT with 25 years of training experience in Toronto.