Scribd
Upload
25 views12 pages

Information Security Lecture 6

This lecture covers the fundamentals of hashing in information security, explaining how hash functions convert input data into fixed-length strings for purposes like data integrity and authentication. It details properties of cryptographic hash functions, common algorithms, applications such as password storage and digital signatures, and discusses potential attacks on hash functions. Best practices for secure hashing, including the use of strong algorithms and salting techniques, are emphasized to enhance data protection.

Uploaded by

bsf23000703
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
25 views12 pages

Information Security Lecture 6

This lecture covers the fundamentals of hashing in information security, explaining how hash functions convert input data into fixed-length strings for purposes like data integrity and authentication. It details properties of cryptographic hash functions, common algorithms, applications such as password storage and digital signatures, and discusses potential attacks on hash functions. Best practices for secure hashing, including the use of strong algorithms and salting techniques, are emphasized to enhance data protection.

Uploaded by

bsf23000703
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Information Security

Lecture 6

Hira Zaman

Department of Computer Science,

The University of Education, Lahore

Attock Campus
Hashing in Information
Security

• Understanding Hash Functions, Properties, and


Applications
Introduction to Hashing
• Hashing converts input data into a fixed-length
string.

• Used for data integrity, authentication, and


cryptography.

• A hash function returns a fixed-size string from an


input.
How Hashing Works
• Input data → Hash function → Hash value (digest)

• Example: "Hello" → SHA-256 →


185F8DB32271FE25F561A6FC938B2E26...

• The same input always produces the same hash.


Properties of Cryptographic
Hash Functions
1. Deterministic: Same input → same hash

2. Fast Computation: Efficient processing

3. Preimage Resistance: Hard to reverse

4. Second Preimage Resistance: Hard to find another


input with same hash

5. Collision Resistance: No two inputs should have


same hash.
Common Hashing
Algorithms
• MD5: 128-bit, considered weak

• SHA-1: 160-bit, no longer secure

• SHA-256: 256-bit, widely used

• SHA-3: Highly secure (Keccak algorithm)


Applications of Hashing
• Password Storage: Protects passwords

• Digital Signatures: Verifies authenticity

• Data Integrity: Detects data tampering

• Blockchain: Used in cryptocurrency security


Attacks on Hash Functions
• Collision Attack: Finding two inputs with the same
hash

• Brute Force Attack: Trying all possible inputs

• Length Extension Attack: Exploiting certain hash


functions
Salting & Hashing for
Secure Password Storage
• Salting: Adds a random string to passwords before
hashing

• Key Derivation Functions:

- PBKDF2

- bcrypt

- Argon2 (Recommended)
Best Practices for Secure
Hashing
• Use strong hash functions (SHA-256, SHA-3)

• Avoid deprecated algorithms (MD5, SHA-1)

• Implement salting for password security

• Use key-stretching techniques


Conclusion
• Hashing is essential for information security

• Choosing the right hash function is crucial

• Best practices enhance data protection


Q&A
• Any questions?
• Let's discuss real-world examples of hashing!

You might also like