Basic File Hashing – Part 2: A Quick Look at Hashing Applications

August 11, 2016 | Views: 1507

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

In my last article, we looked at manual file hashing from the command line in Linux, OSX and Windows 10. Now, we’ll take a simple look at several applications for hashing.

First, a note on the terminology of hashes. There are several names for the hash string returned by the cryptologic hashing function. When you hear or see the terms – checksum, digest, digital fingerprint, hash, hash-value, or message digest – they all mean the same thing: the returned hash string.

One purpose of using a hash is to verify that a file or message has not been changed intentionally or unintentionally. In the first article, we saw that the Virtualbox website provides the downloader hashes for each of the files that may be downloaded from their website. The user will manually hash the file after the download completes and compare the returned hash with the one listed on the website. It should be the same. If not, something is wrong and the user should not attempt the installation.

Likewise, most package managers used in Linux also employ hashing to verify the package integrity prior to installing or updating the package contents to the system. Here, the hash is automatically handled by the package management system. A failed hash comparison typically throws an error and terminates the installation/update process.

Messages such as e-mails can be hashed. This not only helps in verifying message integrity, but also can provide authenticity and non-repudiation if the hash is encrypted with the sender’s private key. This requires a PKI (Public Key Infrastructure) to be in-place. The result is a digital signature, which verifies to the message receiver that the person claiming to have sent the message did, in fact, send it. In this case, the sender cannot deny having sent it (non-repudiation). In this example, the message was not encrypted. This means that the sender is not trying to hide the message, but rather trying to prove that they sent the message.

If you’d like to learn e-mail encryption and digital e-mail signing, I suggest using Thunderbird, the Enigmail addon, and gpg. There are plenty of resources to get you started available via your favorite search engine. The setup process is quite lengthy, as you’ll need to properly configure Thunderbird to send and receive email, generate your public and private keys and setup the keys to work with Thunderbird and Enigmail. The effort is worth it if you want to further your understanding of how this works.

Most modern computer systems use a hash to store passwords. If you’re on Linux as root, look at the /etc/shadow file (an example for those of you on Ubuntu or similar: sudo less /etc/shadow). When a user provides a password to login, a hashing function provides a digest of of the password to compare to the hash stored in the shadow file. Know that passwords are typically “salted” now, so the hash stored in the shadow file is not what you’d get if you hashed your password on the command line. Salting is an additional security measure to make hacking the user accounts more difficult.

To see one more example of hashing in action, go here: https://www.virustotal.com/

Once the page loads, click on the “Search” tab just above the text box. In faint grey, you can see that you can submit a hash of a file. Virustotal will then lookup that hash against databases of 50+ virus scanners.

Hashes are used in many other computer utilities, but the concepts are the same. Next time, we’ll conclude with another method of hashing from the command line in *nix systems.

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel