Tag Archive for: Hashing

What Is Hashing? How Does Hash Key Work And Salting Helps It?


Safeguarding your data and personal information has never been more important than it is today, and hashing is a widely used method that acts as a guardian for passwords and other types of sensitive information.

Hashing is a crucial element in modern cybersecurity, quietly safeguarding sensitive data and ensuring the integrity of digital information. At its core, hashing is a process that takes an input, referred to as a "key," and transforms it into a fixed-length string of characters known as a "hash." What makes hashing indispensable is its ability to provide a unique digital fingerprint for data, allowing any alterations to be quickly detected.

The fundamental concept behind hashing revolves around the use of a mathematical algorithm called a hash function. This algorithm is designed to meet specific criteria: it must produce a consistent output length, be deterministic, efficient, exhibit the avalanche effect, and possess preimage resistance. These criteria ensure the reliability and security of the hash.

Let us go through why hashing is so important in today's cybersecurity and how it is implemented in various fields.


What is hashing?

Hashing is a process that takes an input, often referred to as a "key," and transforms it into a fixed-length string of characters, known as a "hash". This hash is typically much shorter than the original input. The core components of hashing include:

  1. Hash function: At the heart of hashing is the hash function, which is an algorithm responsible for performing the transformation. A good hash function should meet specific criteria:
    • It should take an input of any size and produce a fixed-length output (e.g., 256 bits).
    • It should be deterministic, meaning the same input will always yield the same hash.
    • It should be quick to compute.
  2. Uniqueness: Ideally, different inputs should produce unique hashes. While it's theoretically possible for two different inputs to yield the same hash (a collision), modern hash functions are designed to minimize this occurrence.
  3. Irreversibility: Hashing is a one-way process, meaning you cannot reverse a…


Cisco switches to weaker hashing scheme, passwords cracked wide open

Password cracking experts have reversed a secret cryptographic formula recently added to Cisco devices. Ironically, the encryption type 4 algorithm leaves users considerably more susceptible to password cracking than an older alternative, even though the new routine was intended to enhance protections already in place.

It turns out that Cisco’s new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources. As a result, relatively inexpensive computers used by crackers can try a dizzying number of guesses when attempting to guess the corresponding plain-text password. For instance, a system outfitted with two AMD Radeon 6990 graphics cards that run a soon-to-be-released version of the Hashcat password cracking program can cycle through more than 2.8 billion candidate passwords each second.

By contrast, the type 5 algorithm the new scheme was intended to replace used 1,000 iterations of the MD5 hash function. The large number of repetitions forces cracking programs to work more slowly and makes the process more costly to attackers. Even more important, the older function added randomly generated cryptographic “salt” to each password, preventing crackers from tackling large numbers of hashes at once.
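The contrast between the two schemes, as an added example that is not code from the article or from Cisco: an unsalted single SHA-256 pass gives identical digests for identical passwords, while a per-password salt makes every stored record distinct. PBKDF2-HMAC-SHA256 is used here as a stand-in for a salted, iterated scheme (it is not the type 5 encoding), and the function names, record format and sample accounts are assumptions.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 1000  # iteration count the article gives for the older scheme


def unsalted_sha256(password: str) -> str:
    """Single SHA-256 pass, no salt: the weak construction described above."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_iterated(password: str, salt: bytes = b"") -> str:
    """Random per-password salt plus repeated hashing (PBKDF2 stand-in)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{salt.hex()}${dk.hex()}"  # hypothetical storage format: salt$hash


def verify_salted(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _ = record.split("$")
    candidate = salted_iterated(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, record)


def shared_digest_groups(store: dict) -> list:
    """Audit helper: groups of accounts whose stored value is identical."""
    by_value = defaultdict(list)
    for account, value in store.items():
        by_value[value].append(account)
    return sorted(sorted(g) for g in by_value.values() if len(g) > 1)


# Constructed sample accounts; two of them reuse one password.
ACCOUNTS = {"admin": "Spring2013!", "backup": "Spring2013!", "noc": "c0re-rtr"}

if __name__ == "__main__":
    weak = {a: unsalted_sha256(p) for a, p in ACCOUNTS.items()}
    strong = {a: salted_iterated(p) for a, p in ACCOUNTS.items()}
    # Without salt, password reuse is visible from the stored values alone.
    print("unsalted, identical digests:", shared_digest_groups(weak))
    # With salt, no two records match even when the passwords do.
    print("salted, identical records:  ", shared_digest_groups(strong))
```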



Ars Technica » Technology Lab