What is Hashing in information security?

Information SecuritySafe & SecurityData Structure

Hashing is the procedure of translating a given key into a code. A hash function can be used to substitute the data with a newly generated hash code. Hash algorithms are generally used to offer a digital fingerprint of a file’s contents often used to provide that the file has not been changed by an intruder or virus. Hash functions are also employed by some operating systems to encrypt passwords. Hash functions support a measure of the integrity of a file.

Hashing creates use of algorithms that convert blocks of information from a file in a much shorter value or key of a constant length that define those strings. The resulting hash value is a sort of concentrated summary of each string inside a given file, and must be able to change even when an individual byte of data in that file is transformed (avalanche effect).

This supports massive advantage in hashing in terms of data compression. While hashing is not compression, it can work very much like file compression in that it takes a higher data set and shrinks it into a more feasible form.

A good hash function for security goals should be a unidirectional process that need a one-way hashing algorithm. Therefore, hackers can simply reverse engineer the hash to transform it back to the original data, defeating the goals of the encryption in the first place.

It can increase the uniqueness of encrypted outputs, random information can be added to the input of a hash function. This technique is called a “salting” and guarantees unique output even in the method of identical inputs.

A cryptographic hash function should behave as much as applicable like a random function while still being deterministic and efficiently computable. A cryptographic hash function is treated insecure if either of the following is computationally feasible −

  • It can be finding a (previously unseen) message that matches a given digest.

  • It can be finding “collisions”, wherein two different messages have the same message digest.

An attacker who can do either of these things might, for instance, it can use them to substitute an unauthorized message for an authorized one. Conceptually, it must not even be feasible to discover two messages whose digests are substantially same; nor would one want an attacker to be able to understand anything beneficial about a message given only its digest. The attacker learns minimum one piece of information, the digest itself, which for instance provides the attacker the ability to identify the same message should it appear again.

Hashing is also valuable in avoiding or analyzing file tampering. The initial file will generate a hash which is maintained with the file data. The file and the hash are sent, and the receiving party checks that hash to view if the file has been negotiated. If there were any changes to the document, the hash will display that.

Updated on 07-Mar-2022 07:29:20