Hash Functions 101
Cryptography is everywhere in our digital life, on e-commerce, messaging, cryptocurrencies, wi-fi networks, cellular all over
When you start to explore the world of cryptography, you will soon get overwhelmed with the number of terms and acronyms that are used all over, from encryption to hashing, symmetric to asymmetric, public keys, certificates
One of the public toolkits that are widely available for the most operating system is the OpenSSL, and I will use it to try and make things a bit more simple.
The first major term that we will look into is hashes. They are used everywhere, in the blockchain and when you store passwords on your database
Let’s start
What are hashes, and why do use them?
Hashes ( also known as a message digest ) are nothing more than a mathematical function that input of any size and maps it to an output of fixed size
The size of the hash value depends on the hash function that you use and there are lots of them, from MD5 to SHA 256bit, 512bit, and more
Hash functions are irreversible, that is, you can’t just take the output and do reverse engineering, in order to unveil the original data, and that is why hashes should not be treated as encryption keys, as they cannot be decrypted, there is no secret key that can be used on the other side
We use hashes in digital certificates between secure web servers and clients, we use them In IPSec connections, and when we authenticate on websites, our passwords are actually being hashed and are not left in their plain state
But the major reason we use hashes, is for integrity, to be sure that no one tampered with the data, that is making sure that the data that flows between different places, sites ( even if it is being encrypted is not manipulated by anyone) the beauty of hash functions is seen as the slightest change done to a file changes it’s hash value, an indication, that our original file was treated by someone else
First Setup
I am using my wife’s Mac https://amzn.to/2TmxLxx ( which is strong enough to deal with calculating a huge amount of hashes in a second, although it is a mid-range MacBook ) for this article, but you can use windows or a Linux machine
To install OpenSSL to my computer, you will need to open your Mac terminal and use the following command
“Brew install OpenSSL “
As it finishes, you can start and use the builtin hash functions, but before that, just write down OpenSSL help to look at the man page of OpenSSL
You can see the different hash options under the message digest commands
The next thing that we will do, is to write down a message, hash it using SHA256bit hash function, tamper with the message, adding to it only one character and hash it again, to see the new hash value
We will use the VIM text editor to write down our message
Let’s name our text message “secret message”
As the VIM window opens, we will write down the following message
Let’s get back to our terminal page, to do so press the ESC key, and =d then type:q
The next thing to do is to calculate the hash value of the message, to do so, we will use the command “openssl sha256 secretmessage,txt”
The result as we can see is a 256bit value, shown in hexadecimal characters.
Again, we can use a message or a file that is way bigger in size and the output will always be a 256-bit value ( as long as we use the SHA256 hash function ) We could use other hash functions as SHA512 and the output would be 512bit
Tamper with the message
Let’s change and add up one character to the file and see the resulting hash value
So open up the same file using the same as before VIM command “ vim secretmessage.txt
Type “i” and you will see the page turns into the INSERT mode
Add the Dot character at the end of the file
Press ESC again, and then type: to get back into the command mode and from there type wq , to quit and save the new file
Different Hash Value — the file was tampered !!!
Now let’s check the new hash value of our new file
Type “ openssl sha256 secretmessage.txt “
And there we have it !!! , the hash value of our file has changed completely, even though, the only thing that was added was the DOT character
In the next articles, we will look at more advanced features of hash functions as used in real life