Author: Tianle Yuan

**🦺 Cryptographic**

The transmission and storage of files need to be encrypted; otherwise the privacy of the file content can very easily be compromised.

We discussed file transmission in the section about OAuth 2.0. In this section, we talk about the way to encrypt stored files.

Cryptographic hash function

To store a file secretly, we can use a cryptographic hash function to generate a checksum, which we mentioned before with the command-line tool sha1sum.

A cryptographic hash function should have the following properties:

  • Avalanche effect: Small changes to the input should result in big changes to the output.
  • Deterministic: The same input always produces the same output.
  • Non-invertible: The input cannot be recovered from the output. (If you record the mapping table between plain text and hash value, it is another case.)
  • Collision resistance: The algorithm should be 1 --> mul, or 1 --> 1. It should not be mul --> 1.

The picture below shows the properties of a cryptographic hash function:

[Figure: sha1sum]

Hash Algorithms

There are three famous hash algorithms:

  • SHA1: A function that returns a 160-bit (20-byte) hash value. A commit ID is forty hexadecimal characters that specify a 160-bit SHA-1 hash.
  • SHA2: consists of six hash functions with digests (hash values) that are 224, 256, 384, or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256.
  • SHA3: A subset of the broader family of algorithms called Keccak. This algorithm won the NIST hash function competition.

Hash salt

As you saw, a cryptographic hash function has the non-invertible and deterministic properties. If we see the same hash, we definitely know that the same file was used. For a hacker, it is easy to build a hash cheating table!

Salt is random data that is used as additional input to a one-way function that hashes data, a password or passphrase.

Let's compare the normal hash with the hash with added salt.

Hash with added salt:

| Username | Salt value | String to be hashed | Hashed value = SHA256 (Password + Salt value) |
|---|---|---|---|
| user1 | D;%yL9TS:5PalS/d | password123D;%yL9TS:5PalS/d | 9C9B913EB1B6254F4737CE947EFD16F16E916F9D6EE5C1102A2002E48D4C88BD |
| user2 | )<,-* | password123)<,-* | 6058B4EB46BD6487298B59440EC8E70EAE482239FF2B4E7CA69950DFBD5532F2 |

Normal hash:

| Username | String to be hashed | Hashed value = SHA256 |
|---|---|---|
| user1 | password123 | 57DB1253B68B6802B59A969F750FA32B60CB5CC8A3CB19B87DAC28F541DC4E2A |
| user2 | password123 | 57DB1253B68B6802B59A969F750FA32B60CB5CC8A3CB19B87DAC28F541DC4E2A |

The two users chose the same password, so their normal hashes are identical, while their salted hashes differ. Adding salt therefore increases the non-invertible property and diminishes the deterministic property.
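
The comparison above as runnable Python, added here as an example and not part of the original page: it computes SHA256(password + salt) with a fresh random salt per user, checks a login attempt against the stored record, and also measures the avalanche effect listed earlier. The function names and the two sample users are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple


def plain_hash(password: str) -> str:
    """Unsalted SHA-256: identical passwords always give identical digests."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest().upper()


def salted_record(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    """Return (salt, SHA256(password + salt)), the construction used in the table."""
    if salt is None:
        salt = secrets.token_bytes(16)  # fresh random salt for every user
    digest = hashlib.sha256(password.encode("utf-8") + salt).hexdigest().upper()
    return salt, digest


def verify(password: str, salt: bytes, stored_digest: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    _, candidate = salted_record(password, salt)
    return hmac.compare_digest(candidate, stored_digest)


def differing_bits(a: str, b: str) -> int:
    """Count the bits that differ between the SHA-256 digests of a and b."""
    da = hashlib.sha256(a.encode("utf-8")).digest()
    db = hashlib.sha256(b.encode("utf-8")).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


if __name__ == "__main__":
    # Constructed sample data: two users who chose the same password.
    users = {"user1": "password123", "user2": "password123"}
    for name, password in users.items():
        salt, digest = salted_record(password)
        print(name, "plain :", plain_hash(password))
        print(name, "salted:", digest, "salt:", salt.hex(),
              "verifies:", verify(password, salt, digest))
    # Avalanche effect: one changed character flips roughly half of the 256 bits.
    print("bits changed:", differing_bits("password123", "password124"))
```

The salt is stored next to the digest because verification needs it. For password storage, a deliberately slow function such as hashlib.scrypt or hashlib.pbkdf2_hmac is normally used instead of a single SHA-256 call.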
