lock

Understanding Cryptographic Hashes and Signatures

Apr 15, 2025

Lecture Notes: Cryptographic Hashes and Digital Signatures

Introduction to Cryptographic Hashes

  • Definition: A cryptographic hash represents data as a short string of text, often called a message digest or a fingerprint.
  • Characteristics:
    • Cannot recreate original data from the hash (not an encryption method).
    • Used to verify document integrity.
    • Integral in creating digital signatures for authentication, non-repudiation, and integrity.

Hashing Algorithms

SHA-256

  • Description:
    • Commonly used hashing algorithm.
    • Produces a 256-bit hash, represented as 64 hexadecimal characters.
  • Example:
    • Small changes in input (e.g., changing a period to an exclamation mark) produce significantly different hashes.

MD5

  • Issues:
    • Known to have collision problems (different inputs producing the same hash).
    • Discovered in 1996, making it outdated for security purposes.

Practical Uses of Hashing

  • Document Verification:
    • Verify downloaded files against hashes posted on websites to ensure integrity (common with Linux distributions).
  • Password Storage:
    • Store hashed passwords instead of plain text or encrypted passwords.
    • Use "salt" to add random information, enhancing security and preventing rainbow table attacks.

Salting Passwords

  • Definition: Random data added to passwords before hashing.
  • Purpose: Prevents rainbow table attacks by making each hash unique, even for the same password.

Digital Signatures

Purpose and Process

  • Purpose:
    • Prove message integrity and authentication.
    • Provide non-repudiation.
  • Process:
    • Sender uses private key to create a digital signature from the message hash.
    • Receiver uses sender's public key to verify the signature.

Example: Email Signature

  • Scenario:
    • Alice sends a message to Bob with a digital signature.
  • Steps:
    1. Alice hashes the message and encrypts the hash with her private key (creating a digital signature).
    2. Bob receives the message with the digital signature attached.
    3. Bob's email client uses Alice's public key to decrypt the signature, verifies the hash, and confirms the message integrity and authenticity.

Importance

  • Digital signatures simplify the verification process and ensure message authenticity and integrity without encrypting the entire message.

Conclusion

  • Cryptographic hashes and digital signatures are essential for data verification, secure password storage, and message authentication.
  • Understanding hashing algorithms and the process of creating digital signatures is crucial for cybersecurity practices.

Full transcript