Tuesday, April 16, 2013

Hash and Encryption Explanation

In my current dead-end role, I've become the main technical interviewer. It amazes me how many of the candidates I interview for IT related roles do not quite understand the difference between a hash function and cipher encryption.

Almost everybody in the IT business uses one of these functions indirectly, via any of the following technologies, and probably on an everyday basis;

VPNs
unix/window password
filesystem encryption
SSH/sFTP/SCP
SSL
etc......


I will try to explain this simple process and the difference between a "hash function vs encryption".

A hash function takes data of any variable length and produces a computer-generated hash based on a set algorithm. This hash (aka message digest) is of a "fixed" length. Common hash types in the IT computer sectors are;

  • SHA1 (20 bytes)
  • SHA2 (224, 256, 384, or 512 bits)
  • MD5 (16 bytes)

Not so common hash types are;

  • Tiger
  • RIPEMD-160
  • HAVAL

Take the letter A, let's hash it with md5 and see the resulting output after the hash function generation;

sh-3.2$ md5 -s A
MD5 ("A") = 7fc56270e7a70fa81a5935b72eacbe29
sh-3.2$


Okay, that produced the above 16 byte (128 bit) md5 hash. This is a one-way process and not crackable, outside of a brute-force attack. If we had used sha1, it would have become;

6dcd4ce23d88e2ee9568ba546c007c63d9131c1b

And the message digest would be 160 bits/20 bytes in length.


Every time we use the one-way hash generator, the resulting hash will always be the same. So if I hash the letter "A" today on one machine, it will still be the same message digest of 7fc56270e7a70fa81a5935b72eacbe29 on another machine.

Since this hash function will always compute the same message digest for the same data input, we can compute a digital hash to verify that data content has not changed. Weaker hash functions have been deprecated because hashing one set of data could produce a computed message digest that collides with the digest of a different set of data. These collisions were found by these super duper mathematical geniuses & wizards :)

e.g. google "Xiaoyun Wang"



Okay so now let's look at encryption. 

Encryption does things slightly differently: we take unencrypted data (aka plaintext) and encrypt the data with a method that makes it a secret from external parties. In all encryption, it's typically done so the data is not grown or reduced in size or content during the encryption process.

Various types of ciphers provide a set degree of encoding function to the plaintext, and they typically deploy one of the following;

block ciphers (fixed blocks of bits of data)

or 

stream ciphers (pseudorandom streams)

The choice of the encryption cipher might be based on numerous factors such as;

speed
strength
choice of block sizes
governmental restrictions
etc....

With all encryption types, the same algorithm needs to be used by both parties during the encryption and decryption process to recover the plaintext.

(e.g. I can't encrypt with 3DES on one end and expect to recover the plaintext with AES on the other end)

So the same encoding function and keys need to be known on both ends, and this is called symmetric encryption.

Now let's demonstrate this using a file I created from a unix ls output;



Okay so we will now encrypt this file using openssl and the following cipher types;
aes128, aes192, aes256




You will notice that we encrypted the file, the size has not changed, and the plaintext is not recognizable any more.

(see below)
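As an added example (not from the original post), here is a small Python script that shows both sides of the comparison: hashing gives a fixed-length, repeatable, one-way digest no matter how long the input is, while a symmetric stream cipher keeps the size of the data and is reversible only with the same key. The stream cipher here is a toy counter-mode keystream built from HMAC-SHA256, used only to illustrate the XOR mechanics; the sample "ls output" and the key are constructed for the demo.

```python
import hashlib
import hmac

# Constructed sample input, standing in for the "ls output" file in the post.
SAMPLE = (b"-rw-r--r--  1 kfelix  staff   1024 Apr 16 10:00 notes.txt\n"
          b"drwxr-xr-x  4 kfelix  staff    136 Apr 16 10:01 configs\n")

def digest_hex(data: bytes, algo: str) -> str:
    """One-way hash: input of any length -> fixed-length digest, as hex."""
    return hashlib.new(algo, data).hexdigest()

def digest_size(algo: str) -> int:
    """Digest length in bytes for the named hash (md5=16, sha1=20, sha256=32)."""
    return hashlib.new(algo).digest_size

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC-SHA256(key, nonce || i).
    Demonstration construction only; a real system would use AES."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def stream_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR is its own inverse when key and nonce match).
    The ciphertext is exactly as long as the plaintext."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))

def demo() -> dict:
    key = b"0123456789abcdef"   # constructed 16-byte demo key
    nonce = b"\x00" * 8          # constructed nonce; never reuse one with the same key
    ct = stream_crypt(key, nonce, SAMPLE)
    return {
        "md5_A": digest_hex(b"A", "md5"),
        "sha1_A": digest_hex(b"A", "sha1"),
        "md5_len_sample": len(digest_hex(SAMPLE, "md5")) // 2,  # still 16 bytes
        "pt_len": len(SAMPLE),
        "ct_len": len(ct),
        "roundtrip_ok": stream_crypt(key, nonce, ct) == SAMPLE,
        "wrong_key_ok": stream_crypt(b"x" * 16, nonce, ct) == SAMPLE,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```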



So there you have it, with real examples of hash function vs data encryption.

Ken Felix
Freelance Network & Security Engineer
kfelix  a-t hyperfeed -d-o-t- com


