Time
12 hours 41 minutes
Difficulty
Advanced
CEU/CPE
13

Video Description

This lesson covers hashing, specifically integrity. In this concept, we are trying to get a guarantee that the information has not been modified. Hashing is a digital representation of a file and if the file changes, the hashing changes. Hashing algorithms include: • MD-5 • SHA-1 160 • SHA-256 • RipeMD, Tiger, Whirlpool and HAVAL are lesser known but still used

Video Transcription

00:04
okay, s so we've talked about privacy, and we've talked about using symmetric or asymmetric algorithms to get us privacy. And we talked about how usually we use hybrid. We use asymmetric cryptography for key exchange than symmetric cryptography for encrypted data exchange. So now let's move on to integrity.
00:23
And when we talk about integrity, what we're trying to do is to get a guarantee
00:27
that the information has not been modified, whether to file or a message, whatever that might be. So we want an assurance against modification.
00:36
Now, there are three ways we can get that assurance, and the first is through using a hash and ah, hash will look at in just a moment is good to detect accidental modification.
00:48
Okay, doesn't do very well to protect to detect intentional modification, but it is good to detect corruption. If you need some assurance against intentional modification, you need to use either a Mac or digital signature, and we'll talk about why those things are. But the three elements will talk about in the section hashes
01:07
message, authentication codes
01:10
and visual signature. So let's go and get started with a hatch. Okay, so the whole purpose of a hash. Let's just say you and I are communicating across an unreliable line. Packets get dropped, there's lots of interference. It's just not reliable.
01:25
And all I care about is when I give you when I send you the message, I want you to know it's not been corrupted. That's all I care about. I'm not trying to protect its privacy. I'm not trying to guarantee the message came from me not trying to do any of those things. All I want is Thea Assurance that it hasn't been corrupted
01:45
so ahead of time. You and I agree that for the message will take each letter in the message, figure out its numeric equivalent. All right. So, for instance, my messages Hello
01:56
and H is the eighth character of the off man. He's the film, tells the 12 12 and owes the 15th. So we've decided what we'll do is we'll have our message.
02:07
Then we'll add up the numeric value of all the letters in our message, and we'll put that down at the bottom of the message. So if you add up eight and 5 12 and 12 and 15 that gives us the number 52
02:20
So my message is Hello? Have the number 52 at the bottom of the message, and I send you the message.
02:25
Okay, When you get that message, you do the same map, right? You take all the letters numeric value, you Adam up together. And if you come up with the number 52
02:36
and I had come up with the number 52 we get the reasonable assurance that nothing's changed. Now, let me tell you, I realize this is a very weak mechanism. I understand that something changed one way and another could go back murder and that this is this is absolutely very weak. This isn't one of the hashing out rhythms and use digitally speaking today,
02:55
but it's the same idea,
02:57
right? If the message changes than the hash changes, he says a very important idea. And this is the general concept of hashing. So before I send the message, my application hash is it When your application receives the message before it's opened, it gets hashed. If the two hashes match,
03:15
then we assume there's been there modification.
03:19
If you've ever downloaded a file from the Internet and you get a message that says this file was corrupt. What's happened is that the hashes don't match. Okay, so that's very significant now. The problem with that, though, is if I were to maliciously modify the message
03:35
if I could maliciously modify your message, I could also maliciously modify your hash.
03:40
Right. There's nothing in a hash that guarantees Kelly Hander Head is the one that put the hash on the document.
03:46
So that's why we can't use hash to detect hash is to detect malicious modification, but it's very good to detect corruption. Okay, we're gonna We're gonna leave it right there for now. Okay? So hashes give us integrity. Now, a few other things to know about hashes.
04:01
All right, if the file changes, the hash absolutely should change this other idea. This third bullet 0.1 way math.
04:11
What we mean by one way, math is it's math. It's very easy to perform in one direction and very difficult to reverse.
04:17
For instance, it's very important that if someone were to discover the hash of a message, they could not determine what the message waas. So, for instance, let's say that the message was encrypted right and all that was on the network in plain text was the number 52.
04:34
Would you ever be able to go back and rebuild the message? Hello,
04:39
you know it's conceivably possible. But the you know the work effort would be so very much to do that. And another thing that significant about hashes is the size of the hash does not change based on the size of the message. So my little silly hashing mechanism, you know of the numeric value of each letter.
04:58
You can get some indication of what the message is by how long the hashes.
05:01
But really hashing algorithms are the same size, whether the messages, one character or 1,000,000 characters. Okay, my fact, sometimes you'll hear people talk about a variable late message of fixed length hash, and that's very important as well. So the bottom line or the big significant piece here, is
05:18
even if the hash is on the network and clear text, and it often is,
05:24
it doesn't matter because the hash can't be used to rebuild the message. All right, now, um, definitely testable. When two different documents produced the same hash, it's called a collision
05:36
because think about that. As the text changes the hash changes. So there should be that, you know, there should not be the ability to have two different documents with the same hash. Now, that being said,
05:53
just like there's nothing that's encrypted that can't be decrypted.
05:57
Eventually you will have two different documents produced the same hatch, for instance. We have two main hashing algorithms. We have MD five and we have Sean one now. Really, Today we're using Shot 2 56 So in MD. Five kind of dropping off So MD five produces 128 bit hash.
06:15
Shaw one produces 160 bit hash
06:19
shot you 56 256 bit hash.
06:23
What's significant about this is for Shot 2 56 Regardless of how long the messages the hash will be, 256 bits
06:32
show 165th Indy 528 bits. So if I only have 128 bits with Indy five, I will eventually run out of potential values, right? There are 2 to 128th power of potential values. Were possible combinations
06:51
friendly fire. So eventually
06:54
we will re use a hash that's already been used
06:57
and when that happens, that's called a collision. So it's really not that hashes are collision proof, but they have to be sufficiently collision resistant. And by that I mean, you know,
07:10
um, it used to be the standard that somewhere around two to the 70th power off attempts could not yield a collision. And I don't love their standards have changed based on processing capability or whatever, but the bottom line is, it should be very, very, very, very unlikely that a collision occurred.
07:28
And if I'm able to modify a document in the hash, doesn't change what we have a huge row. Okay, so a collision is when two different documents produced the same hatch.
07:39
There is an attack called a birthday attack that attempts to cause that collision. Okay. And the birthday attack is always my favorite attack because it's kind of based on the premise. I'd rather be lucky than smart,
07:54
whether or not there's truth to that, I'm not gonna let you know. But sometimes it's better to be lucky than smart and to say that more formally, the idea of a birthday attack is based on the idea that it's easier to find two hash is that just happen to match than it is to produce a specific hash.
08:11
So if you've got a document that's been hashed
08:15
and you're trying to modify that document to meet your needs and still come up with same hash, it is so astronomically unlikely to happen,
08:24
however, to hash is there will be a collision somewhere out there. Just out of dumb luck. It's much harder to create a specific cash than it is to just dumb luck into producing hash that matches something else. I hope that makes sense,
08:39
All right. So with hashing algorithms as I mentioned, variable length message, fixed length hash that should be hash MD five is Ah, message Digest. That's another word for Hash Message Digest Shawn. One secure hashing algorithm, 160 bit shot to 56
08:58
eyes becoming much more widespread, and you show one's probably still most frequently used with Shaw.
09:05
2 56 Very, very popular. Now there are some other algorithms that are used that you rarely see, but they could show up. There's right MD. There's Tiger World Pool. Hey, ball.
09:16
You know, one of things about Ripened D is it is, um, it's
09:22
It's a proprietary. Actually, not. It's not that it's proprietary. It is. It doesn't come from the government. You know, one of the things that will continue to talk about with cryptography is the privacy community versus the government. And you know a lot of the standard algorithms that we use.
09:41
Advanced encryption, standard data encryption standard.
09:46
Triple that encryption standard those air all sanctioned from the government. Shawn. One from the government.
09:54
Um, so with the cryptographic community, many people in cryptographic community feel like, Well, if the government sponsors or has sanctioned these algorithms, if you will, then who's to say there's not a back door in them? Who's to say that they wouldn't lead to, ah, compromise somewhere down the line? So
10:13
Phil Zimmerman came up with the algorithm idea for just that purpose.
10:18
Ripe Indies and another non standard checking site proprietary algorithm. Um
10:24
e r. There's gonna be testable. I doubt it, quite honestly. If anything, I would be able to pick out Ripen de Tiger Roll World pool and hey ball out of the list, and I would be able to say those air hashing out rhythms right so I would be able to look and say, MD five. That's a hatch show, 1/2 shot to 56
10:43
ripen DeHaven Tiger World pool
10:46
That would be a steep is I would get now you do need to know the bit. Links for MD 51 28 shot 11 60 shot 2 56
10:58
obviously to 56 other elements about a hash one way math
11:03
so hashes cannot be reversed. The significance of that is we don't care if a hash appears on the network in plain text. An attacker should not be able to do anything with it.
11:13
Remember, a collision is when two different pieces of point of two different documents create the same hash, and a birthday attack is an attempt at causing collisions that should be pretty sufficient.

Up Next

ISC2 CISSP

Our free online CISSP (8 domains) training covers topics ranging from operations security, telecommunications, network and internet security, access control systems and methodology and business continuity planning.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor