Introduction to “Hashing”

Hashing is one of the most interesting and relevant topics of Cybersecurity. Why? You’ll find out after reading this blog. So, let’s get started.

What is Hashing? Hashing is a one-way algorithm that is used for the purpose of integrity in Cybersecurity. Integrity is one of the advantages that each organization want to have for securing their data to achieve their goals. Organizations want to make sure that the data that is being transferred is keeping its integrity. So, how do we check if data has maintained its integrity? Hashing is one way to check the integrity of data. As mentioned at the top, hashing is a one-way algorithm which means that once the data has got its hash value, you cannot reserve the hash value to turn it into its original form of data.

How do we get a hash value and how does it work? A hash function is used to create a hash value according to a mathematical algorithm. Once the hash value is generated and the data has been sent; the receiver can then match the hash value of the file that is being generated on their end using the same hashing algorithm with the original hash value. If it’s the same hash value, it means the data has kept its integrity. Let me give an example. User 1 wants to send a file to User 2 but before he sends the file he generates a hash value of the file using hashing algorithms. Once he generates the hash value for the file, User 1 then sends the file to User 2 and User 2 generates the hash value of the same file to match it with the original hash value to check the integrity of the file. How do we know? If both hash values are the same, it means the file has not been modified or changed during it’s transferring process; but; if the hash values do not match, it means the data has not maintained its integrity.

However, there is an interesting twist to it. Two completely different inputs can generate the same hash value using different hashing algorithms. This occurrence in hashing is called the hash collision. There is a picture below to give a better picture of how the hash collision works.

What else hashing can possibly do, right? Hashing can be used to store passwords in the database as well. So in case if the database ever gets hacked, the password is stored as a hash in the database and plaintext passwords are not visible. There are many hashing algorithms, such as Message Digest (MD), RIPEMD, Whirlpool, or Secure Hash Function (SHA). According to many resources, SHA-256 has been considered the most popular hashing algorithm.