Cryptographic hash functions are algorithms that take data input (often called the 'message') and generate a fixed-size result (often called the 'hash' or 'digest'). For example:
"administrator" => "b3aca92c793ee0e9b1a9b0a5f5fc044e05140df3"
Ideal hash functions make it very difficult to get the original message back from the digest, reasonably easy to compute a hash for a given message, infeasible to generate a message with a given hash, infeasible to modify a message without changing the resultant hash, and infeasible to find two messages with the same hash.
While no completely ideal function exists, functions which aim for these properties can prove very useful. A classic example of cryptographic hash use is in storage of passwords. When you sign up for a website, your data is usually stored in a database on their servers. The issue is that if your password is stored on the server as regular text (often called 'plaintext') and somebody hacks into the server, your password is completely compromised. If your password is
We will call this the Shaver-8 checksum function.
What it will do is make a hash of an input string by breaking the message up into nice byte (pun intended) sized pieces, then adding the 8-bit chunks. In our case we will take it in sets of 4 letters, as each letter will have a two-digit value, with a=01, b=02, c=03, ..., z=26, space=27.
So the word "hi" would become 08-09-27-27: 08 for h, 09 for i, and two 27s for the empty space.
This can be expanded so the phrase "I am a muffin" becomes the integer sequence
09270113 27012713 21060609 14272727
and when each byte (8-bits, here one 8-digit group) is added we get our hash: 71616162
SHA-2
SHA-2 is a set of cryptographic hash functions designed by the U.S. National Security Agency. SHA stands for Secure Hash Algorithm. For this example I will be using SHA-256, which is a hash that will return a 256-bit digest. This function is so much more in-depth than my super simple example to the left, the Shaver-8. Where I padded the areas with no letters with a single value, the SHA function actually creates a unique padding to fill the empty space so that the whole output will change just by simply changing one letter. This is called the avalanche effect.
Example:
Discrete Mathematics => 08ded10f43715fa63a947560e908f5543ecae2d764f120d0f81763e03d1bf986
Discrete Mathematics! => 8d5f4200f81e7b8429356a9a231fc005e264faf3163b1923e738eba8f7d32bff
Verifying the integrity of files or messages
An important application of secure hashes is verification of message integrity. Determining whether any changes have been made to a message (or a file), for example, can be accomplished by comparing message digests calculated before, and after, transmission (or any other event).
Password verification
Like above, storing all user passwords as clear text can result in a massive security breach if the password file is compromised. One way to reduce this danger is to only store the hash digest of each password. To authenticate a user, the password presented by the user is hashed and compared with the stored hash.
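The store-and-compare flow described above, as an added example (not code from the original poster). It goes beyond the text by adding a per-user random salt and PBKDF2 key stretching, which is how stored password digests are normally protected; the record layout, function names and iteration count are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; tune to your hardware


def unsalted_digest(password):
    """The bare scheme from the text: store only SHA-256(password)."""
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password):
    """Create what the server stores: salt, work factor and derived digest."""
    salt = os.urandom(16)  # unique per user, so equal passwords differ on disk
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "digest": digest}


def verify(password, record):
    """Re-derive the digest from the presented password and compare."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, record["digest"])


if __name__ == "__main__":
    # Constructed sample: two users pick the same password.
    alice = make_record("I am a muffin")
    bob = make_record("I am a muffin")
    print("unsalted digests equal:",
          unsalted_digest("I am a muffin") == unsalted_digest("I am a muffin"))
    print("salted digests equal:  ", alice["digest"] == bob["digest"])
    print("correct password:      ", verify("I am a muffin", alice))
    print("wrong password:        ", verify("I am a muffim", alice))
```

With the bare digest, two users with the same password have identical database entries; with the salt they do not, so one precomputed table cannot be reused across accounts.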
File or data identifier
So we now have a hash of 71616162. That's cool, but what can we do with it? If your password was "I am a muffin", the server that stores your password could just store the value 71616162 instead; then, when you try to log in, it checks the hash of your input against the stored hash. Of course, this is a very rudimentary hash and is not very secure at all, but this is the basic idea behind using a checksum to keep passwords secure.
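The Shaver-8 checksum and the login check described above, as an added example (not code from the original poster). It also shows one concrete reason the checksum is not secure: addition ignores order, so rearranging the 4-letter groups gives a different password with the same hash. Case-insensitive input and rejecting characters other than letters and spaces are assumptions.

```python
def letter_code(ch):
    """Map a=01 ... z=26 and space=27, as defined for Shaver-8."""
    if ch == " ":
        return 27
    if "a" <= ch <= "z":
        return ord(ch) - ord("a") + 1
    raise ValueError(f"unsupported character: {ch!r}")


def shaver8_groups(message):
    """Split into 4-letter groups (padded with spaces) as 8-digit integers."""
    text = message.lower()                # assumption: case is ignored
    text += " " * (-len(text) % 4)        # pad the last group with 27s
    groups = []
    for i in range(0, len(text), 4):
        digits = "".join(f"{letter_code(c):02d}" for c in text[i:i + 4])
        groups.append(int(digits))
    return groups


def shaver8(message):
    """The hash is the plain integer sum of the groups."""
    return sum(shaver8_groups(message))


def check_password(candidate, stored_hash):
    """Server-side check: hash the input and compare with the stored value."""
    return shaver8(candidate) == stored_hash


STORED = shaver8("I am a muffin")         # what the server would keep

# Constructed input: the first two 4-letter groups of the real password
# swapped. The sum is unchanged, so the server accepts it.
COLLIDING = " a mI amuffin"

if __name__ == "__main__":
    print(shaver8_groups("hi"))
    print(shaver8_groups("I am a muffin"), "->", STORED)
    print("real password accepted:     ", check_password("I am a muffin", STORED))
    print("reordered password accepted:", check_password(COLLIDING, STORED))
    print("one-letter typo accepted:   ", check_password("I am a muffim", STORED))
```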
One drawback to our simple little hash is that if the message gets large enough, our output will exceed the 8-bit threshold. This is the nature of hashing, where you can run into problems when hashing large pieces of data. The rule of thumb is that the more data you have, the higher the bit size of your hash algorithm.
In our case, we used an 8-bit hash, but we could easily increase that to 16, 32, 64, 128... When we increase the bit count we essentially increase the number of letters we take in per group. So
Comparing these side by side:
08ded10f43715fa63a947560e908f5543ecae2d764f120d0f81763e03d1bf986
8d5f4200f81e7b8429356a9a231fc005e264faf3163b1923e738eba8f7d32bff
You can see that even though there is only one additional character, the hash changes entirely. This is the sign of a very secure hash.
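A way to measure the avalanche effect instead of judging it by eye, as an added example (not code from the original poster): it counts how many of the 256 digest bits differ between two SHA-256 outputs, then flips every single input bit of the sample message in turn. The function names are assumptions.

```python
import hashlib


def sha256_int(data):
    """SHA-256 digest of data as a 256-bit integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def bits_changed(a, b):
    """How many of the 256 digest bits differ between SHA-256(a) and SHA-256(b)."""
    return bin(sha256_int(a) ^ sha256_int(b)).count("1")


def avalanche_profile(message):
    """Flip each input bit in turn; return (min, mean, max) digest bits changed."""
    counts = []
    for i in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)   # change exactly one input bit
        counts.append(bits_changed(message, bytes(flipped)))
    return min(counts), sum(counts) / len(counts), max(counts)


if __name__ == "__main__":
    a = b"Discrete Mathematics"
    b = b"Discrete Mathematics!"
    print(hashlib.sha256(a).hexdigest())
    print(hashlib.sha256(b).hexdigest())
    print("digest bits changed by adding '!':", bits_changed(a, b), "of 256")
    lo, mean, hi = avalanche_profile(a)
    print(f"single-bit flips: min={lo} mean={mean:.1f} max={hi}")
```

A hash with good avalanche behaviour changes about half of the output bits (around 128 of 256) for any one-bit change in the input.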
And a little side note: if you think that that string of numbers doesn't look like much, remember that this is BASE-16, not BASE-10. So each digit can be a 1-F (a=10, b=11, ..., F=16), so SHA-256 has 1,852,673,427,797,059,126,777,135,760,139,006,525,652,319,754,650,249,024,631,321,344,126,610,074,238,976 (16^65) possible outputs!
Fun Tip: Banks normally use 128-bit SHA-1 encryption when encrypting online banking data, the encryption I show above is twice that!
Credit to http://www.xorbin.com/tools/sha256-hash-calculator, which I used to generate the SHA-256 hashes.