An Illustrated Guide to Cryptographic Hashes

    Date 23 Aug 2004
    Category Cryptography
    4654
    Posted By Anthony Pell
    With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are: They form the underpinning of much of our electronic infrastructure, and in this Guide we'll try to give an overview of what they are and how to understand them in the context of the recent developments. . . .
    With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are: They form the underpinning of much of our electronic infrastructure, and in this Guide we'll try to give an overview of what they are and how to understand them in the context of the recent developments.

    But note: though we're fairly strong on security issues, we are not crypto experts. We've done our best to assemble (digest?) the best available information into this Guide, but we welcome being pointed to the errors of our ways.
    * What is a cryptographic hash?
    A "hash" (also called a "digest", and informally a "checksum") is a kind of "signature" for a stream of data that represents the contents. The closest real-life analog we can think is "a temper-evident seal on a software package": if you open the box (change the file), it's detected.

    Let's first see some examples of hashes at work.

    Many Unix and Linux systems provide the md5sum program, which reads a stream of data and produces a fixed, 128-bit number that summarizes that stream using the popular "MD5" method. Here, the "streams of data" are "files" (two of which we see directly, plus one that's too large to display).

    The link for this article located at unixwiz.net is no longer available.

    LinuxSecurity Poll

    Are you considering making the switch to Purism's new Librem 14 Linux laptop to improve your security and privacy online?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/31-are-you-considering-making-the-switch-to-purism-s-new-librem-14-linux-laptop-to-improve-your-security-and-privacy-online?task=poll.vote&format=json
    31
    radio
    [{"id":"109","title":"Yes - the hardware kill switches and default ad blocking\/tracking protection sold me on it.","votes":"3","type":"x","order":"1","pct":37.5,"resources":[]},{"id":"110","title":"Not sure yet - I need to do more research.","votes":"4","type":"x","order":"2","pct":50,"resources":[]},{"id":"111","title":"No - I'm satisfied with my current laptop and have no security\/privacy concerns.","votes":"1","type":"x","order":"3","pct":12.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.