Hashing Algorithms: Cryptography, Password Hashing

Owned by Computer Science Department
Last updated: Aug 06, 2023
4 min read

Hashing is a technique that is widely used in computer science for various applications such as data compression, indexing, and cryptography. Cryptographic hash functions are a special type of hash function that are designed to be irreversible, meaning that it is difficult or impossible to recover the original input from the hash output. Password hashing is one of the primary applications of cryptographic hash functions.

A cryptographic hash function takes an input message of arbitrary length and produces a fixed-length output, known as a hash value or message digest. The hash value is typically a sequence of bytes that represents the original message. A good cryptographic hash function should have the following properties:

  1. Deterministic: Given the same input message, the function must always produce the same hash value.

  2. One-way: It should be computationally infeasible to determine the original input message from the hash value.

  3. Collision-resistant: It should be computationally infeasible to find two different input messages that produce the same hash value.

There are several commonly used cryptographic hash functions, including SHA-256, SHA-512, and BLAKE2. These algorithms are widely used in security protocols such as digital signatures, message authentication codes, and password storage.

In the context of password hashing, a good cryptographic hash function is used to transform a user's password into a hash value that is stored in a database. When the user attempts to log in, the system hashes the input password and compares the resulting hash value to the stored hash value. If the two values match, the system allows the user to log in. This process ensures that even if an attacker gains access to the password database, they cannot recover the original passwords, because the hash function is designed to be irreversible.

However, simply hashing passwords is not enough to protect them from attacks such as dictionary attacks, where an attacker tries to guess passwords by hashing common words and phrases. To protect against such attacks, a technique called "salting" is used, where a random value called a salt is added to the password before hashing. The salt value is stored alongside the hash value in the database, and when the user logs in, the salt is used to recompute the hash value, which is then compared to the stored value. This technique makes it much more difficult for attackers to guess passwords, because they would have to guess both the password and the salt value in order to compute the correct hash value.

In summary, hashing algorithms play an important role in computer security, particularly in the context of cryptography and password hashing. Cryptographic hash functions are designed to be irreversible, and are used in a variety of security protocols to ensure data integrity and authenticity. Password hashing is a specific application of cryptographic hash functions, where the goal is to protect user passwords from being compromised in the event of a security breach. Salting is a commonly used technique to enhance the security of password hashing by adding a random value to the password before hashing.

Simple Example:

// main.cpp // HashDemo // Created by Kevin Roark /* Below is a very simple example using the std::hash function provided by STL. This function is typically used for creating hash values of keys to insert into hash tables, so it is not suitable for password storage or any other cryptographic purposes, but it can still demonstrate the basic principle of hashing. */ #include <iostream> #include <functional> #include <string> using namespace std; int main() { // Define a string password string password = "password123"; // Create an instance of std::hash hash<string> hashFunc; // Hash the password size_t hashedPassword = hashFunc(password); // Print the hashed password cout << "Hashed password: " << hashedPassword << endl; return 0; }

Creating a cryptographic hash function from scratch in C++ is not a straightforward task and is usually not recommended due to security reasons. However, for educational purposes, you can use some built-in hash functions provided by the STL (Standard Template Library).

The above is a very simple example using the std::hash function provided by STL. This function is typically used for creating hash values of keys to insert into hash tables, so it is not suitable for password storage or any other cryptographic purposes, but it can still demonstrate the basic principle of hashing.

In this program, std::hash is a function object that takes a string and returns a size_t value that represents a hash of the string. This can be used to get a pseudo-unique value for each unique input string. However, keep in mind that this function is not suitable for cryptographic purposes because it is not designed to be resistant to preimage attacks, it does not have a fixed output size (it varies depending on the platform), and it is not guaranteed to produce different results for different inputs.

For cryptographic hashing, please always use a well-vetted cryptographic library like OpenSSL, Crypto++, or a similar library. Writing your own cryptographic code is extremely risky and can lead to serious security vulnerabilities.

2024 - Programming 3 / Data Structures - Author: Dr. Kevin Roark