August 11, 2016
Basic File Hashing - Part 2: A Quick Look at Hashing Applications
In my last article, we looked at manual file hashing from the command line in Linux, OSX and Windows 10. Now, we'll take a simple look at several applications for hashing.

First, a note on the terminology of hashes. There are several names for the string returned by a cryptographic hash function. When you hear or see the terms checksum, digest, digital fingerprint, hash, hash value, or message digest, they all mean the same thing: the returned hash string.

One purpose of using a hash is to verify that a file or message has not been changed, intentionally or unintentionally. In the first article, we saw that the VirtualBox website publishes hashes for each of the files that may be downloaded from the site. After the download completes, the user hashes the file and compares the result with the value listed on the website. The two should be identical. If they are not, something is wrong (a corrupted download or a tampered file) and the user should not attempt the installation. One caveat: the check is only as good as the published value you compare against. Take it from a source you trust, such as the vendor's own site over HTTPS rather than an untrusted mirror; an attacker who can replace both the file and the published hash defeats the comparison.

Likewise, most package managers used in Linux also employ hashing to verify package integrity before installing or updating the package contents on the system. Here, the hash comparison is handled automatically by the package management system. A failed hash comparison typically throws an error and terminates the installation or update.

Messages such as e-mails can be hashed. This not only helps in verifying message integrity, but can also provide authenticity and non-repudiation if the hash is encrypted (signed) with the sender's private key. This requires public-key cryptography and some way to trust that the public key really belongs to the sender, typically a PKI (Public Key Infrastructure) or, in the GnuPG world, the web of trust. The result is a digital signature, which verifies to the message receiver that the person claiming to have sent the message did, in fact, send it. In this case, the sender cannot later deny having sent it (non-repudiation). Note that in this example the message itself was not encrypted. This means that the sender is not trying to hide the message, but rather trying to prove that they sent it.

If you'd like to learn e-mail encryption and digital e-mail signing, I suggest using Thunderbird, the Enigmail addon, and gpg. There are plenty of resources to get you started available via your favorite search engine. The setup process is quite lengthy, as you'll need to properly configure Thunderbird to send and receive e-mail, generate your public and private keys, and set up the keys to work with Thunderbird and Enigmail. The effort is worth it if you want to further your understanding of how this works.

Most modern computer systems store a hash of each password rather than the password itself. If you're on Linux as root, look at the /etc/shadow file (an example for those of you on Ubuntu or similar: sudo less /etc/shadow). When a user provides a password to log in, a hashing function produces a digest of the password, which is compared to the hash stored in the shadow file. Know that passwords are typically "salted" now: a random value (the salt) is stored alongside the hash and mixed into the input, so the hash stored in the shadow file is not what you'd get if you hashed your password on the command line. Salting ensures that two users with the same password get different stored hashes and defeats precomputed (rainbow) tables, making attacks on the user accounts more difficult. Modern password hashes such as sha512crypt (the $6$ entries in /etc/shadow) also iterate the hash thousands of times to slow down guessing.

To see one more example of hashing in action, go here: https://www.virustotal.com/ Once the page loads, click on the "Search" tab just above the text box. In faint grey, you can see that you can submit a hash of a file. VirusTotal will then look up that hash against the results of 50+ virus scanners. Because the lookup is by hash, you can check whether a file is already known as malicious without uploading the file itself, which matters when the file may contain sensitive data. Keep in mind that a hash search only finds files VirusTotal has already seen; no match does not mean the file is clean.

Hashes are used in many other computer utilities, but the concepts are the same. Next time, we'll conclude with another method of hashing from the command line in *nix systems.
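The download check described above (hash the file, compare with the published value) and the automatic check a package manager performs are the same operation, so here is one worked example that covers both. It is an added example, not code from the original article or from VirtualBox or any package manager. It verifies a directory of files against a SHA256SUMS-style list (one line per file, "<hex digest>  <filename>", the format written by GNU sha256sum); the files and the digest list are constructed in a temporary directory so it runs offline.

```python
"""Verify downloaded files against a published list of SHA-256 digests.

Added example (not from the original article).  The SHA256SUMS format
parsed here is the one produced by GNU `sha256sum`; the files and the
digest list are constructed inside a temporary directory so the script
runs offline.
"""
import hashlib
import hmac
import os
import tempfile

CHUNK = 1 << 20  # hash in 1 MiB pieces so a large ISO never sits in memory
HEXDIGITS = set("0123456789abcdefABCDEF")


def sha256_file(path):
    """Return the hex SHA-256 digest of a file, streaming it in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_sums(text):
    """Parse SHA256SUMS text into {filename: lowercase hex digest}.

    sha256sum writes "<digest>  <name>" (text mode) or "<digest> *<name>"
    (binary mode); both are accepted.  Blank lines and '#' comments are skipped
    and a digest that is not 64 hex characters is rejected outright.
    """
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.lstrip(" *")
        if len(digest) != 64 or not set(digest) <= HEXDIGITS or not name:
            raise ValueError("malformed SHA256SUMS line: %r" % line)
        entries[name] = digest.lower()
    return entries


def verify(directory, sums_text):
    """Check every listed file; return {filename: "OK" | "FAILED" | "MISSING"}."""
    results = {}
    for name, expected in parse_sums(sums_text).items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "MISSING"
            continue
        actual = sha256_file(path)
        # compare_digest is a constant-time comparison; not needed for a public
        # digest, but it is the habit to keep for anything secret-derived
        results[name] = "OK" if hmac.compare_digest(actual, expected) else "FAILED"
    return results


def demo():
    """Build a constructed download directory and verify it.

    good.bin is intact.  tampered.bin has one byte changed after its digest
    was recorded, standing in for a corrupted or maliciously modified download.
    absent.bin is listed but was never downloaded.
    """
    with tempfile.TemporaryDirectory() as d:
        good = os.path.join(d, "good.bin")
        bad = os.path.join(d, "tampered.bin")
        with open(good, "wb") as f:
            f.write(b"VirtualBox installer stand-in " * 100000)  # about 3 MB
        with open(bad, "wb") as f:
            f.write(b"second download " * 1000)
        sums = "%s  good.bin\n%s *tampered.bin\n%s  absent.bin\n" % (
            sha256_file(good), sha256_file(bad), "0" * 64)
        # the modification happens after the "vendor" published its digest
        with open(bad, "r+b") as f:
            f.seek(7)
            f.write(b"X")
        return verify(d, sums)


if __name__ == "__main__":
    for name, status in demo().items():
        print("%-14s %s" % (name, status))
```

A real download is checked the same way: save the vendor's SHA256SUMS text next to the downloaded file, call verify() on that directory, and refuse to install anything that is not reported OK. Note that the script only proves the file matches the list you gave it; the list itself still has to come from a source you trust.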
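The /etc/shadow paragraph above says that the stored value is a salted hash, which is why hashing your password on the command line does not reproduce it. The following added example (not code from the article, and not the real crypt(3) implementation) shows what that means in practice: it splits a shadow entry into its $id$salt$hash pieces, then implements salted, iterated password storage and verification with PBKDF2-SHA256 from the standard library. The shadow line is a constructed sample whose hash field is a placeholder, not a genuine sha512crypt output, and the "pbkdf2-sha256$rounds$salt$hash" storage string is this example's own convention rather than a format any Linux system uses.

```python
"""Salted, iterated password storage, the idea behind /etc/shadow.

Added example (not from the original article).  SAMPLE_SHADOW_LINE is a
constructed entry with a placeholder hash; the pbkdf2-sha256$... storage
string is this example's own format, chosen so that only the standard
library is needed.  Real systems store crypt(3) hashes such as $6$ (sha512crypt).
"""
import hashlib
import hmac
import os

ROUNDS = 200_000  # every guess must repeat the hash this many times

# Constructed shadow entry.  Fields: name, hash, last change (days since
# epoch), min age, max age, warn, inactive, expire, reserved.  The hash
# field is $id$[rounds=N$]salt$hash; id 6 means sha512crypt.  The hash
# value is a placeholder, not a real digest.
SAMPLE_SHADOW_LINE = "alice:$6$Qz3xZmNp$PLACEHOLDERHASHVALUE:16932:0:99999:7:::"


def parse_shadow_entry(line):
    """Return the user, hash scheme, optional rounds, salt and hash of one line."""
    fields = line.split(":")
    name, hashfield = fields[0], fields[1]
    if not hashfield.startswith("$"):
        # "", "!" or "*" means no usable password: locked or never set
        return {"user": name, "scheme": None, "rounds": None,
                "salt": None, "hash": hashfield}
    parts = hashfield.split("$")[1:]          # drop the empty piece before the first $
    scheme, rest = parts[0], parts[1:]
    rounds = None
    if rest and rest[0].startswith("rounds="):  # e.g. $6$rounds=50000$salt$hash
        rounds = int(rest.pop(0)[len("rounds="):])
    salt, digest = rest[0], rest[1]
    return {"user": name, "scheme": scheme, "rounds": rounds,
            "salt": salt, "hash": digest}


def hash_password(password, salt=None, rounds=ROUNDS):
    """Return the stored form; a fresh 16-byte random salt is drawn if none given."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return "pbkdf2-sha256$%d$%s$%s" % (rounds, salt.hex(), dk.hex())


def verify_password(password, stored):
    """Recompute with the stored salt and rounds, then compare in constant time."""
    scheme, rounds, salt_hex, digest_hex = stored.split("$")
    if scheme != "pbkdf2-sha256":
        raise ValueError("unsupported scheme: " + scheme)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), digest_hex)


def same_password_different_hashes(password):
    """Two users who pick the same password get different stored values."""
    a = hash_password(password)
    b = hash_password(password)
    return a != b and verify_password(password, a) and verify_password(password, b)


def plain_hash_does_not_match(password):
    """The bare SHA-256 of the password never appears in the stored value."""
    stored = hash_password(password)
    return hashlib.sha256(password.encode()).hexdigest() not in stored


if __name__ == "__main__":
    entry = parse_shadow_entry(SAMPLE_SHADOW_LINE)
    print("user=%(user)s scheme=%(scheme)s salt=%(salt)s" % entry)
    stored = hash_password("correct horse battery staple")
    print(stored)
    print("login ok: ", verify_password("correct horse battery staple", stored))
    print("login bad:", verify_password("Correct horse battery staple", stored))
```

The two points the shadow paragraph makes fall out of the code: the salt is stored in the clear next to the hash because the login process needs it to recompute the digest, and since every user gets a different salt, a table of precomputed hashes is useless against the file. The rounds parameter is what makes each offline guess expensive.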