If you look up the word "hash," you will see several definitions. One of the definitions is to chop food into small pieces. That is what a hash algorithm does to data. A hash algorithm will chop or reduce a variable-length block of text to produce a fixed-length hash value. The other key factor is that a hash value is a one-way function in that it cannot be restored to the original message. In this chapter, we'll describe the concept of the hash algorithm and investigate the many ways we can use a hash value.

Not all hash algorithms are the same in that some have more desirable attributes. We'll talk about what comprises an exceptional attribute when using a hash algorithm and list several desired qualities. We'll then take a look at the hash algorithms that are in use today, and why some are no longer in use. Finally, we'll take a closer look at how message authentication works, along with outlining a few practical...

In order to securely exchange data, we use more than just encryption algorithms, we also use cryptographic tools, techniques, and protocols.

Symmetric and asymmetric encryption ensures confidentiality by scrambling data into an unreadable form. The message won't mean anything to anyone unless they have the key. With the key, we can decrypt the data so that it makes sense.

Along with encryption, another important cryptographic technique is hashing. In this section, we'll outline what it means to create a hash of a message, and see what characteristics make a hash of a message different from encrypting a message. We'll also review the many uses for a hash algorithm.

Let's start with learning how a hash is created.

Creating a hash

Encryption uses a key or pair of keys. When we encrypt a message, we can decrypt the message as long as we have the key. A hash is different in that it is one-way. You cannot generate the original...

In order for a hash algorithm to be effective, it must be able to generate a hash algorithm quickly and efficiently. In addition, it must have several other properties to provide the best security. An optimal algorithm must be able to stand the test of time and remain a solid algorithm, even with advances in technology.

In this section, we'll outline and explain some of the desired properties of an exceptional hash algorithm, such as non-reversibility, collision resistance, and determinism.

Let's start with the non-reversibility or one-way property.

Generating a one-way function

When we say one-way, we mean it. A variable-length block of data goes into the function, and a fixed-length hash is returned as the output. The output has no resemblance to the original block of data in any way. Nor is there any way to reconstruct the data to become the original. This non-reversible property is optimal as it makes a more secure hash...

Similar to the choices we have when using encryption, there are several hash algorithms. Each one compresses the data a bit differently in order to create a message digest. In this section, we'll review some of the more common hash algorithms in use today and see why some are more secure than others.

First, we'll take a look at an early hash algorithm, the message digest algorithm, and then discuss SHA. Then we'll review some of the versions of SHA that are more acceptable hash algorithms used for cryptographic processes. Finally, we'll briefly discuss some of the permutation-based hash algorithms that are starting to gain traction, as an even more secure cryptographic option.

Let's start with one of the earliest cryptographic hashes, the message digest algorithm.

Using the message digest algorithm

Hashing a block of text produces a message digest. Ronald Rivest designed the aptly named message digest algorithm,...

When providing message authentication, we have several methods that can provide assurance that the message came from an authorized sender and was not modified during transmission.

In this section, we'll take a look at creating a MAC using symmetric encryption for a single message such as a document. Then we'll take a look at using a MAC while encrypting data.

Let's start with how we can create a MAC.

Creating a MAC

A MAC is a code that authenticates or verifies the sender. To provide message authentication, we can use the following:

• Asymmetric (public key) encryption. We covered this method in Chapter 5 Dissecting Asymmetric Encryption, in the Creating a digital signature section.
• Symmetric encryption using a shared secret key.

Either method can be used when sending a message across an insecure network. The method used will depend on the application.

Let's outline what happens when creating a MAC using...

In this chapter, we learned how a hash algorithm is a one-way function that takes a variable-length block of text and creates a fixed-length output. The output is referred to as a message digest. A message digest can be used in a variety of applications. We saw how it can ensure file integrity, create a digital signature, or verify a password. In addition, we can use a hash to identify data within a hash table and create a blockchain.

Not all hash algorithms are created equal in that there are several optimal hash properties. We reviewed these properties, including the one-way nature of the algorithm in that the message digest bears no resemblance to the original text. We also saw how a hash needs to consistently create the same hash every time the algorithm is run on a block of data. And we learned that one of the more important properties is collision resistance.

We reviewed several common hash algorithms, namely those in the message digest and SHA families. We know...

Now it's time to check your knowledge. Select the best response, then check the answers in the Assessment section at the end of the book:

1. When generating a hash, we create a message _____, which is used to ensure data integrity.

   a. chain

   b. digest

   c. key

   d. collision

2. During the digital signature process, the message digest is then encrypted using the sender's private key, which then becomes a(n) _____.

   a. key

   b. collision

   c. smart card

   d. HMAC

3. Today, there are billions of devices on the Internet of Things (IoT). The data generated by IoT devices is called _____ data.

   a. big

   b. key

   c. Rivest

   d. collision

4. A hash algorithm should be _____; this means that the algorithm will produce the same hash each and every time the algorithm is run on a given block of data.

   a. ElGamal

   b. round

   c. deterministic

   d. Galois

5. Ronald _____ designed the aptly named message digest algorithm, which had several versions in the early 1990s.

   a. Rivest

   b. Enigma

   c. ElGamal

   d. Rijndael...

Please refer to the following links for more information:

• To learn how a MAC is used to authenticate a message, visit http://www.crypto-it.net/eng/theory/mac.html.
• Visit https://ww1.microchip.com/downloads/en/AppNotes/00730a.pdf to discover how to calculate a cyclic redundancy check.
• To see how Hadoop is used to harness big data, visit https://blog.scottlogic.com/2016/01/13/introduction-to-hadoop-and-map-reduce.html.
• Read about WEP security issues here: http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html.
• Learn more about the attacks on MD4 and MD5 here: https://csrc.nist.gov/News/2004/NIST-Brief-Comments-on-Recent-Cryptanalytic-Attack.
• We can see an article written by Ronald Rivest on MD4 here: https://dl.acm.org/doi/10.5555/646755.705223.
• View this article to learn how a hash table is created: https://www.tutorialspoint.com/data_structures_algorithms/hash_data_structure.htm.
• Read up on what the Keccak team is doing here: https...