When we open an account with any service provider, the first thing we give them is the password to our data. What happens, then, if it gets exposed through a software vulnerability?
The problem with a password is that you need to store the damn thing so you can access it later to authenticate a login attempt. If the file is stored somewhere on disk, there will be a way to access it, and the game is over. You might think that such a file could be encrypted, but then you just have another password to save somewhere.
This is where hashes come in.
A hash is comparable to a person's fingerprint. A hash of any data is a fixed-size "fingerprint" of that data. If we convert a piece of data, say a password, into a hash, it is not possible to get back the original data. How, then, will such a hash help in securing passwords, or even in exposing them?
If a piece of data is converted into a hash, the computed hash will always be the same for that data. Therefore, if an application chooses to save a password, it saves its hash instead of the plain text. Whenever the user enters a password, the application checks whether it matches the stored hash. A weak analogy: you cannot get milk back from curd, but you can check whether a white fluid is milk by seeing if it curdles.
A hash is different from encryption: encryption by its very nature has to be reversible, which a hash is not.
During registration, the system stores the password's hash in its database, not the password itself.
During login, when the user enters a password, its hash is computed and compared with the stored hash; if they match, the user is authenticated.
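The registration and login flow described above, as an added example (not code from the original post). It goes beyond the bare hash the text describes by adding a per-user random salt and using PBKDF2 from Python's standard library, so identical passwords do not produce identical stored hashes; the `USERS` dictionary, the function names and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed in-memory "database": username -> (salt, iterations, digest).
USERS = {}
ITERATIONS = 100_000  # assumed work factor for this example


def derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, deliberately slow hash (PBKDF2-HMAC-SHA256, 32-byte output)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register(username: str, password: str) -> None:
    """Registration: store only the salt and the hash, never the password."""
    salt = os.urandom(16)
    USERS[username] = (salt, ITERATIONS, derive(password, salt, ITERATIONS))


def login(username: str, password: str) -> bool:
    """Login: recompute the hash of the attempt and compare it with the stored one."""
    record = USERS.get(username)
    if record is None:
        return False
    salt, iterations, stored = record
    attempt = derive(password, salt, iterations)
    # Constant-time comparison, so timing does not reveal how many bytes matched.
    return hmac.compare_digest(attempt, stored)


if __name__ == "__main__":
    register("alice", "correct horse")   # constructed sample credentials
    print(login("alice", "correct horse"))
    print(login("alice", "wrong guess"))
```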
A popular hashing algorithm is MD5 (Message Digest algorithm 5), which always produces a 128-bit hash. So for any input, whether it is a 3-character string or a video file of a few gigabytes, the hash MD5 produces will be just 128 bits long.
Another hashing algorithm is SHA-1 (Secure Hash Algorithm), which produces 160-bit hashes. SHA-1 has been superseded by SHA-2, which has four functions that produce hashes of 224, 256, 384 or 512 bits.
Hashes can be used for purposes other than securing passwords. You might be familiar with their use by download sites for verifying the integrity of a download. A download site may provide the MD5 and SHA-1 hashes, which are used to verify that the download is error-free, complete and intact. Any difference in the hash means that the download is corrupted or malicious. Torrent files use SHA-1 hashes for each piece of the content you are downloading. In a torrent, downloading is done by dividing files into many packets, and each packet has its own hash. So if there is any kind of error, only that piece needs to be re-downloaded.
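The per-piece check described above, as an added example (not code from the original post or from any torrent client): the content is split into fixed-size pieces, each piece gets its own SHA-1 hash, and a damaged copy is repaired by replacing only the pieces whose hashes differ. The tiny piece size, the sample data and the function names are assumptions made for illustration.

```python
import hashlib

PIECE_SIZE = 16  # bytes; tiny on purpose so the constructed sample spans several pieces
# Constructed sample content standing in for a downloaded file.
ORIGINAL = b"The quick brown fox jumps over the lazy dog. " * 2


def split_pieces(data: bytes, piece_size: int = PIECE_SIZE) -> list:
    """Cut the content into fixed-size pieces (the last one may be shorter)."""
    return [data[i:i + piece_size] for i in range(0, len(data), piece_size)]


def piece_hashes(data: bytes, piece_size: int = PIECE_SIZE) -> list:
    """Publisher side: one 20-byte (160-bit) SHA-1 digest per piece."""
    return [hashlib.sha1(p).digest() for p in split_pieces(data, piece_size)]


def corrupt_pieces(received: bytes, expected: list, piece_size: int = PIECE_SIZE) -> list:
    """Downloader side: indexes of pieces that are missing or whose hash differs."""
    have = split_pieces(received, piece_size)
    bad = []
    for index, want in enumerate(expected):
        if index >= len(have) or hashlib.sha1(have[index]).digest() != want:
            bad.append(index)
    return bad


def repair(received: bytes, bad: list, source: bytes, piece_size: int = PIECE_SIZE) -> bytes:
    """Re-fetch only the bad pieces from `source` (standing in for a peer)."""
    have = split_pieces(received, piece_size)
    good = split_pieces(source, piece_size)
    bad_set = set(bad)
    return b"".join(good[i] if i in bad_set else have[i] for i in range(len(good)))


if __name__ == "__main__":
    expected = piece_hashes(ORIGINAL)
    damaged = bytearray(ORIGINAL)
    damaged[20] ^= 0x01                      # flip one bit inside piece 1
    bad = corrupt_pieces(bytes(damaged), expected)
    print("pieces to re-download:", bad)
    print("repaired:", repair(bytes(damaged), bad, ORIGINAL) == ORIGINAL)
```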