Cryptography, Hashing Algorithms – CompTIA Security+ Lesson 19

You might know what a hash is from storing data (hash tables) or from smoking it. In cryptography, hashing algorithms are something different. What are they, then?

Hashing algorithms must have three characteristics:

  1. It must be one-way. You cannot unhash something.
  2. Variable-length input produces fixed-length output. No matter how long your message is, 15 characters or 150 characters, the hash size is the same.
  3. The algorithm must have few or no collisions. Two different inputs should never result in the same hash.

List of hashing algorithms you should be familiar with

| Name | Description |
| --- | --- |
| Secure Hash Algorithm (SHA) | A one-way hash that provides a hash value that can be used with an encryption protocol. Produces a 160-bit hash. SHA-2 has 224, 256, 334 and 512 bits. SHA-3 has been released, but there are no known issues with SHA-2, so SHA-2 is still the standard. |
| Message Digest Algorithm (MD) | Also a one-way hash. The most common are MD5, MD4, and MD2. MD5 produces a 128-bit hash. The algorithm is more complex than its predecessors and offers greater security. It doesn’t have strong collision resistance, which is why the SHA algorithms are the recommended alternative. |
| GOST | A symmetric cipher developed in the old Soviet Union that has been modified to work as a hash function. Produces a 256-bit hash. |
| LANMAN | LANMAN was used prior to the release of Windows NT for authentication. It used LM Hash and two DES keys. |
| NTLM | Microsoft's replacement for LANMAN. It uses MD4/5 hashing algorithms. However, Microsoft pointed to Kerberos as being its preferred authentication protocol. |

Rainbow Tables and Salt

A hash is not impossible to hack, even if hashing algorithms are not reversible. A “fast” way is to use rainbow tables. A much longer approach would be brute-forcing.

With a rainbow table, all of the possible hashes are computed in advance. This means you create tables with all possible two, three, four, …, n character combinations and the corresponding hash of each combination, using known hashing algorithms like the ones listed above.

Tools like OphCrack use rainbow tables.

A counter to rainbow tables is called salt. You practically just add bits before or after the hash. This nullifies most rainbow table attacks and makes the hackers salty.
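
To see why salt counters precomputation, here is an added example (not part of the original lesson) that builds a small precomputed table and looks up an unsalted and a salted digest of the same password. The function names, the use of SHA-256, the 1 to 3 character lowercase keyspace, the 16-byte salt, and prepending the salt to the password before hashing are all assumptions made for the demo.

```python
import hashlib
import hmac
import itertools
import os
import string
from typing import Optional, Tuple


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(max_len: int = 3) -> dict:
    """Precompute digest -> plaintext for every lowercase string of 1..max_len chars.

    This is a plain lookup table, as the text describes. Real rainbow tables
    store hash chains to save space, but fail against salt for the same reason."""
    table = {}
    for n in range(1, max_len + 1):
        for combo in itertools.product(string.ascii_lowercase, repeat=n):
            word = "".join(combo)
            table[sha256_hex(word.encode())] = word
    return table


def store_unsalted(password: str) -> str:
    return sha256_hex(password.encode())


def store_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    # A fresh random salt per password, stored next to the digest (not secret).
    salt = os.urandom(16) if salt is None else salt
    return salt, sha256_hex(salt + password.encode())


def verify_salted(password: str, salt: bytes, digest: str) -> bool:
    # Recompute with the stored salt and compare in constant time.
    return hmac.compare_digest(sha256_hex(salt + password.encode()), digest)


if __name__ == "__main__":
    table = build_lookup_table()
    password = "cat"  # constructed sample password
    salt, salted = store_salted(password)
    print("table entries:       ", len(table))
    print("unsalted digest hit: ", table.get(store_unsalted(password)))
    print("salted digest hit:   ", table.get(salted))
    print("login still verifies:", verify_salted(password, salt, salted))
```

The salt defeats the precomputed table, not the slower brute-force approach mentioned above, because the salt is stored alongside the digest and is known to anyone who obtains the stored values.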