One-Way Hash Functions

Overview of One-way Hash Functions

Overview

Properties of One-way Hash Function

Common One-way Hash Functions

MD: Message Digest

SHA: Secure Hash Algorithm

How One-Way Hash Algorithm Works

Merkle-Damgard

One-Way Hash Commands

1
2
3
4
5
6
7
echo -n "Golden Rams" > file.txt
md5sum file.txt
sha256sum file.txt
openssl dgst -sha256 file.txt
openssl sha256 file.txt
openssl md5 file.txt
openssl dgst -md5 file.txt

Computing One-Way Hash in Programs

1
2
3
4
python3
>>> import hashlib
>>> m = hashlib.sha256()
>>> m.update(b"Golden Rams")
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/sha.h>

int main(int argc, char* argv) {
  SHA256_CTX ctx;
  u_int8_t results[SHA256_DIGEST_LENGTH];
  int i;
  char *msg_part1 = "Golden ";
  char *msg_part2 = "Rams";

  SHA256_Init(&ctx);
  SHA256_Update(&ctx, msg_part1, strlen(msg_part1));
  SHA256_Update(&ctx, msg_part2, strlen(msg_part2));
  SHA256_Final(results, &ctx);
  printf("%s%s\n", msg_part1, msg_part2);
  for (i = 0; i < SHA256_DIGEST_LENGTH; i++) {
    printf("%02x", results[i]);
  }
  printf("\n");
}
1
2
gcc -o calculate_sha256 calculate_sha256.c -lcrypto
./calculate_sha256 

Applications of One-Way Hash Functions

Integrity Verification

1
2
echo -n "Golden Rams" | sha256sum
echo -n "G0lden Rams" | sha256sum

Committing a Secret Without Telling It

Password Verification

1
sudo cat /etc/shadow | grep root
1
2
3
4
5
6
useradd -m -s /bin/bash seed
echo "seed:dees" | chpasswd
useradd -m -s /bin/bash seed2
echo "seed2:dees" | chpasswd
cat /etc/shadow | grep seed
cat /etc/shadow | grep seed
1
2
seed:$6$6m4jvilqG3xbXlNa$xHCTxjkWN0Agbo5jBl8xl1EkEN7kyakIHr87Mw2oG1vwV2y2fllXiY5pspZfcu6orQuclyo530S/okBMk2oTy/:19480:0:99999:7:::
seed2:$6$CbEbHBQYnmoyZtw6$EgS8kC6qZXbgJ9tRsucryLKarHRg4NZcXZJ7zAkBoeZ8otrkwx4E3IjjRkrMJmQh9YrP0osbno9RyETkvwDye0:19480:0:99999:7:::
1
2
3
4
python3
>>> import crypt
>>> print(crypt.crypt("dees","$6$6m4jvilqG3xbXlNa"))
>>> print(crypt.crypt("dees","$6$CbEbHBQYnmoyZtw6")) 

Trusted Timestamping