Secure Digest Functions
A secure digest function or secure hash function is a mathematical function that converts an input into a fixed length output which is called a hash. Hashes are also called as message digests and digital fingerprints.
Same input will give the same hash value, despite the number of times. This method should be irreversible i.e. we should not be able to get the input by using the hash value.
Different inputs will give different hash values generated by the hash function. However, if it does not happen, it is called a collision. Collisions make a hash function weak. Ideally, H(x) should be collision-free.
Using hash functions is relatively easier than encryption, as encryption requires more time. This method is significantly harder to reverse.
Once the hash value is obtained, it is appended to the message and sent to the receiver. The receiver will use the same hash function to calculate the hash value of the message received. If the hash value sent by the sender is equal to the hash value calculated by the receiver, that means that receiver has received everything sent by the sender. If it is not equal, it could mean that the message has been altered by a third party and integrity has been violated.
Hash functions therefore is used for authenticating the original message.
Applications of hash functions : Password storage, Torrent downloads etc.
Some of the well know hash functions are : MD-5, SHA-1, RIPEMD, Whirlpool
MD-5
Message Digest algorithm 5 or MD-5 is one of the widely used hash functions and was created by Rivest. It is a 128-bit hash function and is preceded by MD2 and MD4. The hash function helps in assuring integrity of the transferred message or file.
For example : File servers often provide a pre-computed MD-5 checksum so that a user who downloads it can compare the checksum of the downloaded file and ensure it has not been altered.
MD-5 algorithm processes data in 512-bit blocks, broken down into 16 words composed of 32 bits each. The output is a 128-bit message digest value. The digest value computation is done in separate stages that process each 512-bit block of data along with the value computed in the preceding stage. The first stage uses the message digest values initialized using consecutive hexadecimal numerical values. The final value from the last block is the MD5 digest for that block.
MD-5 is generally fast and needs less resources. However, messages and hashes can change due to noise. They can also get attacked by a man-in-the-middle. An attacker can obtain the message, replace it with another message and calculate the hash for the new message. A receiver of the new message wouldn’t know the message has been altered because of the new has value appended to it.
To overcome man-in-the-middle attacks, salts are used with hashes.
SHA-1
Secure Hash Algorithm 1 or SHA-1 is based on MD-4. It uses a 160-bit hash value and is therefore much more stronger than MD-5 although it consumes time for computation.
SHA-1 takes an input and gives a 160-bit long hash value. This hash value is then rendered as a hexadecimal number which is 40 digits longs.
Now let’s look at the implementation of SHA-1 using Java
The output :
