Cryptography fundamentals, part three - Hashing
Hashing
A hash value, also called a message digest, is a number generated from a string of text. As per the hash definition, no two different texts should produce the same hash value. If an algorithm can produce the same hash for a different string of text, then that algorithm is not collision free and can be cracked. Various examples of hash algorithm are like MD2, MD5 and SHA-1 etc.
Here's how to create a hash of a file, and how to detect whether the hash changes when changing the document.
Learn Applied Cryptography
[download]Download the Cryptography Fundamentals eBook (FREE)[/download]
Demonstration of Hashing using CrypTool
- Click on "Indiv Procedures" > Hash>Hash Demonstration.
-
The message below will appear.
- We have selected the SHA-160 algorithm to generate a hash.
- Since there is no change in text, both the original and modified values are the same. Let's change the text in the file.
I added the word "modified" to the original document.
The hash values are different because the original and final documents are different.
Generation of HMAC using CrypTool
Only one type of hash is possible for a specific text (provided there's no collision), which means the file has integrity. But an attacker could modify the file, recalculate the hash of the modified file, and replace the old hash with the modified one.
That problem is solved using Hash Message Authentication Code (HMAC), which uses a secret key to calculate the hash. That key is secret between the entities. Unless the attacker has the key, they're unable to calculate a valid hash value of the modified data. To generate a HMAC in CrypTool, perform the following steps:
- Click on "Indiv Procedures" >Hash > Generation of HMACs .
-
Select the SHA-1 160 bit hash, and leave the key empty.
-
Because we haven't selected a key, this message will appear.
- The message shows that the difference between a simple hash and HMAC are the keys.
- Below is the hash, or the HMAC value in this case.
Enter key value "Infosec Institute" and see the difference in the generated HMAC. In this case I have chosen the HMAC to be in front of the message.
Digital signatures
A digital signature added to a document shows the sender's identity. It can also provide non-repudiation. The sender cannot deny sending the document, only the sender has that digital signature. Digital signatures are created through multiple steps. We need to understand all the steps that must be performed before a digital signature can be generated.
Demonstration of digital signatures using CrypTool
Digital Signature Creation
- First we need to generate a hash value of the document. To generate it, we need to select a hashing algorithm. We'll use the MD5 algorithm.
- Next, generate a key pair. We'll generate RSA keys. For RSA key generation, two large prime numbers and a mathematical function are required.
- After successfully generating keys, encrypt the hash value generated earlier.
- We need to create a certificate associated with the RSA key. Provide the following details and click on "create certificate." It'll be used for communication between the sender and recipient.
Click on generate signature to create a digital signature. 
Click on "store signature."
Signing with digital signature
Select the document to apply the signature. We'll select our Infosec document.
Verifying the digital signature
- Click on "Digital Signatures" > Verify signature.
- Select the Digital Signature created above
This message confirms a correct signature.
The difference between HMAC and digital signatures
The difference is the type of key being employed. In HMAC, the key that is used is symmetric, and digital signatures uses an asymmetric key.
Learn Applied Cryptography
Learn applied cryptography and cryptanalysis
What you'll learn:
- Cryptography fundamentals
- Public key infrastructure
- Blockchain technology
- SSL and TLS
- And more
In this Series
- Cryptography fundamentals, part three - Hashing
- How does hashing work: Examples and video walkthrough
- How does encryption work? Examples and video walkthrough
- Planning for post-quantum cryptography: Impact, challenges and next steps
- Beginner’s guide to the basics of data encryption
- Structures of cryptography
- Role of digital signatures in asymmetric cryptography
- What is homomorphic encryption?
- Encryption and etcd: The key to securing Kubernetes
- Quantum cyberattacks: Preparing your organization for the unknown
- An Introduction to asymmetric vs symmetric cryptography
- Breaking misused stream ciphers
- Entropy calculations
- Blockchain and asymmetric cryptography
- Security of the PKI ecosystem
- Elliptic curve cryptography
- Methods for attacking full disk encryption
- Introduction to Public Key Infrastructure (PKI)
- Introduction to the TLS/SSL cryptography protocol
- Introduction to Diffie-Hellman Key Exchange
- Introduction to the Rivest-Shamir-Adleman (RSA) encryption algorithm
- Introduction to full disk encryption
- 8 reasons you may not want to use VPNs
- Rivest Cipher 4 (RC4)
- Understanding stream ciphers in cryptography
- Cryptography Errors
- Understanding block ciphers in cryptography
- How to mitigate Credential Management Vulnerabilities
- How To Exploit Credential Management Vulnerabilities
- Poor Credential Management
- How Is Cryptography Used In Applications?
- Decrypting Downloaded Files
- Introduction to hash functions
- Introduction to Asymmetric Cryptography
- The Advanced Encryption Standard (AES)
- Fundamentals of symmetric and asymmetric cryptography
- Case Studies in Poor Password Management
- The ultimate guide to encryption key management
- Principles of cryptography
- Encryption vs Encoding
- Introduction to Cryptanalysis
- Secure Credential Management
- Introduction to Blockchain
- Blockchain Technology
- Virtual Private Networks (VPNs)
- Public Key Infrastructure: Architecture & Security
- Hash Functions
- Asymmetric Cryptography
- Fundamentals of Cryptography
- Symmetric Cryptography
- Introduction to cryptography
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
