OBJECTIVE 04 — HASH FUNCTIONS AND MESSAGE DIGEST ALGORITHMS
WHAT IS A HASH FUNCTION (EXAM DEFINITION)
| Term | Definition |
|---|---|
| Hash function | A mathematical function that converts data of arbitrary size into a fixed-length value |
MEMORY HOOK:
Hash = fingerprint of data
EXAM TRAP:
Hashing is NOT encryption.
PURPOSE OF HASH FUNCTIONS
| Purpose |
|---|
| Data integrity |
| Password storage |
| Digital signatures |
| Message authentication |
PROPERTIES OF A GOOD HASH FUNCTION (VERY IMPORTANT)
| Property | Meaning |
|---|---|
| Deterministic | Same input → same output |
| Fixed output size | Always same length |
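| Pre-image resistance | Infeasible to recover an input from its hash |
| Second pre-image resistance | Given one input, infeasible to find a different input with the same hash |
| Collision resistance | Infeasible to find any two different inputs that share a hash |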
MEMORY HOOK:
No reverse, no collisions
HASHING PROCESS (LOGIC FLOW)
- Input message
- Hash algorithm
- Fixed-length hash value
MESSAGE DIGEST ALGORITHMS (EXAM LIST)
MD5 (MESSAGE DIGEST 5)
| Property | Value |
|---|---|
| Output size | 128-bit |
| Status | Broken |
| Weakness | Collisions |
LOGIC:
- Different inputs that produce the same hash (collisions) can be found in practice
EXAM TRAP:
MD5 should not be used for security.
MEMORY HOOK:
MD5 = Mostly Dead
SHA-1 (SECURE HASH ALGORITHM 1)
| Property | Value |
|---|---|
| Output size | 160-bit |
| Status | Broken |
| Weakness | Collision attacks |
MEMORY HOOK:
SHA-1 is no longer secure
SHA-2 FAMILY
Includes:
| Algorithm | Output |
|---|---|
| SHA-224 | 224-bit |
| SHA-256 | 256-bit |
| SHA-384 | 384-bit |
| SHA-512 | 512-bit |
STATUS:
- Secure
- Widely used
MEMORY HOOK:
SHA-2 = current standard
SHA-3 (KECCAK)
| Property | Value |
|---|---|
| Structure | Sponge construction |
| Purpose | Backup to SHA-2 |
| Status | Secure |
MEMORY HOOK:
SHA-3 ≠ SHA-2 variant
EXAM TRAP:
SHA-3 does not replace SHA-2 automatically.
RIPEMD
| Property | Value |
|---|---|
| Output size | 160-bit |
| Status | Less common |
| Usage | Alternative to SHA |
HMAC (HASH-BASED MESSAGE AUTHENTICATION CODE)
WHAT IS HMAC (VERY IMPORTANT)
| Property | Description |
|---|---|
| Uses | Hash function + secret key |
| Provides | Integrity + authentication |
| Does NOT provide | Confidentiality |
MEMORY HOOK:
HMAC = hash + key
EXAM TRAP:
HMAC ≠ encryption.
HMAC PROCESS (LOGIC)
- Message + secret key
- Hash function
- HMAC value
HASH VS HMAC (EXAM FAVORITE)
| Feature | Hash | HMAC |
|---|---|---|
| Key used | No | Yes |
| Integrity | Yes | Yes |
| Authentication | No | Yes |
PASSWORD HASHING (IMPORTANT SECURITY CONCEPT)
WHY PASSWORDS ARE HASHED
| Reason |
|---|
| Prevent plaintext storage |
| Reduce breach impact |
WEAK PASSWORD HASHING METHODS
| Method |
|---|
| MD5 |
| SHA-1 |
| Unsalted hashes |
STRONG PASSWORD HASHING METHODS
| Method | Feature |
|---|---|
| bcrypt | Slow, salted |
| scrypt | Memory-hard |
| PBKDF2 | Iterative |
MEMORY HOOK:
Slow hashing = strong security
SALT (VERY IMPORTANT)
| Term | Meaning |
|---|---|
| Salt | Random value added before hashing |
PURPOSE:
- Prevent rainbow table attacks
MEMORY HOOK:
Salt defeats precomputed attacks
COMMON HASH ATTACKS (PREVIEW)
| Attack |
|---|
| Collision attack |
| Pre-image attack |
| Rainbow table attack |
OBJECTIVE 04 — MEMORY CHECKLIST
You must remember:
- Hashing ≠ encryption
- MD5 and SHA-1 are broken
- SHA-2 and SHA-3 are secure
- HMAC = hash + key
- Salt prevents rainbow tables
- Hash provides integrity, not confidentiality
STATUS
Objective 04: COMPLETE