Kelly Handerhan
Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary and is highly praised for her ability to effectively communicate important information in a relatable and understandable way.

Purpose of this Session:

A key security control is that of data integrity. This is important for a number of reasons. We’d like to know that the files we send and receive haven’t been modified either due to data corruption or by attackers. Data transmitted across unreliable links are subject to dropped packets or corruption due to noise or other interference. Files can also be intentionally modified for malicious reasons. Sensitive documents such as contracts and those containing PII can’t be trusted unless there is some sort of mechanism that assures their integrity.

One such assurance mechanism is integrity checking using hashing. Hashing is a one-way algorithm that yields a numeric value based on calculations performed on the data contained in a message, password, or file. The simplest type of hash (also referred to as a message digest) is the sum of the characters in a message or file. Obviously, such a hashing algorithm would be easy to crack in short order, but the concept remains the same. The one-way nature of a hash should make it trivial to produce, but difficult to reverse. More complex hashing algorithms have evolved to more closely approach this ideal. A great way to conceptualize this is to think of a shattered glass. It’s quite easy to drop and shatter a glass. Picking up the pieces and attempting to put it back together is another thing entirely!

Hashing is also used to safeguard passwords. The hashing algorithm is typically run within various applications such as email apps, browsers, etc. Various hashing mechanisms have evolved over the years in a move towards increasing complexity, as early and simpler hashing algorithms were cracked. An older algorithm is MD5, which is typically used for password protection. Others are SHA1 and SHA2, which use an increasingly larger bit length for the hash.

The primary threat to hashing is what is known as collision. This is the situation where two different messages produce the same hash. Ideally, each message should yield a unique hash; however, this is not always possible. This is why increasing the bit length for the hash reduces the possibility of collisions.
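
The following is an added example, not part of the original session. It implements the character-sum hash described above, shows it colliding on an altered message that SHA-256 tells apart, and counts how many messages it takes to hit a collision at different digest lengths. The function names, the sample contract text, and the use of truncated SHA-256 to model shorter hashes are assumptions made for illustration.

```python
import hashlib
from itertools import count

def char_sum(data: bytes) -> int:
    """The 'simplest hash' from the text: the sum of the character values."""
    return sum(data)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def truncated_sha256(data: bytes, bits: int) -> int:
    """Keep only the leading `bits` bits of SHA-256 to model a shorter hash."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)

def messages_until_collision(bits: int) -> int:
    """Hash constructed messages msg-0, msg-1, ... until two digests match."""
    seen = set()
    for i in count():
        digest = truncated_sha256(f"msg-{i}".encode(), bits)
        if digest in seen:
            return i + 1  # number of messages hashed when the collision hit
        seen.add(digest)

# Constructed sample data: the same contract line with two digits swapped.
ORIGINAL = b"Pay the contractor $1200 on delivery"
TAMPERED = b"Pay the contractor $2100 on delivery"

if __name__ == "__main__":
    # The character sum ignores byte order, so the altered message collides.
    print("char sum   :", char_sum(ORIGINAL), char_sum(TAMPERED))
    # The SHA-256 digests differ, so comparing the received file's digest
    # with the one the sender published exposes the change.
    print("sha256 orig:", sha256_hex(ORIGINAL))
    print("sha256 mod :", sha256_hex(TAMPERED))
    # With n bits there are only 2**n possible digests, so a collision is
    # guaranteed within 2**n + 1 messages and usually arrives much sooner.
    for bits in (8, 16, 24):
        print(f"{bits:>2}-bit digest: collision after",
              messages_until_collision(bits), "messages")
```
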