Question

In: Computer Science

Write a 2 -3 page paper on how one can use hash values to log into...

Write a 2 -3 page paper on how one can use hash values to log into a system, crack a network, etc.
Be sure to explain how hash values are used and misused in a system. 

Solutions

Expert Solution

Hashing is making into a small or cutting into a pieces.

Hash values can be thought of as fingerprints for files. The contents of a file are processed through a cryptographic algorithm, and a unique numerical value – the hash value - is produced that identifies the contents of the file. If the contents are modified in any way, the value of the hash will also change significantly. Two algorithms are currently widely used to produce hash values: the MD5 and SHA1 algorithms.

In cryptography, a hash fun. is a mathematical algorithm that maps data of any size to a bit string of a fixed size.

hashing is like encode a msg you have send into a mathematical code by specific algorithm and again decode to user in other side. to keep msg safe.

Commonly used hashing algorithms include Message Digest (MDx) algorithms, such as MD5, and Secure Hash Algorithms (SHA), such as SHA-1 and the SHA-2 family that includes the widely used SHA-256 algorithm

In bitcoin, integrity and block-chaining use the SHA-256 algorithm as the underlying cryptographic hash function. Let's look at a hashing example using SHA-256 and Python.

Hash functions behave as one-way functions by using mathematical operations that are extremely difficult and cumbersome to revert such as the modulo operator.

Using Cryptographic Hashing for More Secure Password Storage

A deterministic function is a function that given the same input always produces the same output. This is vital for authentication since we need to have the guarantee that a given password will always produce the same hash; otherwise, it would be impossible to consistently verify user credentials with this technique.

To integrate hashing in the password storage workflow, when the user is created, instead of storing the password in cleartext, we hash the password and store the username and hash pair in the database table. When the user logs in, we hash the password sent and compare it to the hash connected with the provided username. If the hashed password and the stored hash match, we have a valid login. It's important to note that we never store the cleartext password in the process, we hash it and then forget it.

Whereas the transmission of the password should be encrypted, the password hash doesn't need to be encrypted at rest. When properly implemented, password hashing is cryptographically secure. This implementation would involve the use of a salt to overcome the limitations of hash functions.

Authentication Methods

Something you know: Examples of this are your good-old password, bank card PIN or a safe-word when the alarm company calls your home; these are all examples of using something you know to authenticate yourself.

Something you have: Examples are a swipe card to access a secure area, a code sent to your cellphone as part of a login process (to prove you have your cellphone) or a SecureID token that provides a constantly changing code you need to enter to gain access – all are something you have that can be used to authenticate yourself.

Something you are: This is where biometric security comes in. To access our data center we have to put our index finger on a fingerprint scanner after swiping a card. Unless you steal someone’s index finger you won’t be able to access our data center, even if you’ve stolen a valid swipe card. Other biometric systems include retinal scans (the blood vessels at the back of the eye) and iris scans (the colored part of the eye).

Other attributes used for authentication: A few other attributes that you occasionally see used for authentication are:

  • Somewhere you are. E.g. at a physical address able to receive snail mail.
  • Something you can do. E.g. accurately reproduce a signature.
  • Something you exhibit. E.g. a neurological trait that can be scanned by an MRI.
  • Someone you know. E.g. that can be validated by a social network graph or chain of trust.

Our focus in this article is passwords. Most of us see them as an inconvenience – something you have to tolerate to be able to use a service you need access to. In this article we’re going to explain how computer systems have evolved in the way they process your password, how modern online applications do authentication and why it’s important to choose a strong password. Once you finish reading this you should have a working knowledge of hashing algorithms, how password cracking works and what “strong password” really means.

Plain Text Passwords

In the early days of computers and mainframes, passwords were stored in a database as plain text. When you wanted to sign-in, a gatekeeper application would ask you for your password. It would take whatever you typed in and check if it was equal to whatever it had stored in the database and if true, you were granted access.

As the Internet evolved and grew, malicious hackers started gaining unauthorized access to systems. Once they were in, they would immediately download the plain-text password database and have instant access to all users passwords. Developers and systems administrators needed to come up with a solution to this problem and the solution they came up with was ‘password hashing’.

Understanding Password Hash Salting

How Salts Work

A rainbow table attack relies on a hacker being able to take a dictionary and pre-computed hashes of the words in that dictionary and compare those hashes to the hashes in a password database. To defeat rainbow tables, the information security community invented “salted hashes”. The concept is relatively simple:

When you create a new password, instead of just running the password on its own through a hashing algorithm, you do the following: Generate a random little piece of text. Put that text at the beginning of the password. Then run the combination of the little piece of text and the password through a hashing algorithm. Then you store the little piece of text (as plain text) and the resulting hash. That little piece of text is called a “Salt”.


Related Solutions

Research margin accounts and write a 2-3 page paper (not including the cover page or a...
Research margin accounts and write a 2-3 page paper (not including the cover page or a reference page) on: What is a margin account? Why would investors use one? What are the possible downsides to buying/selling securities on margin? A minimum of two properly cited references are required, with at least one being from an outside source you find by searching the Internet.
Write a 2-3 page paper that answers the question, "Who are you?" The paper should be...
Write a 2-3 page paper that answers the question, "Who are you?" The paper should be written from the viewpoint of you (the person) as a system in the environment. Include consideration of your subsystems: biological (stage of physical development, sex, sexual orientation, relationship to the natural world), psychological (stages of psychological development), and spiritual/religious (moral development). Your paper should discuss these subsystems with an awareness of the impact of diversity on your own human behavior.
How can a middle strategy be successful in healthcare? Write a one-page paper, using APA format,...
How can a middle strategy be successful in healthcare? Write a one-page paper, using APA format, on what a healthcare organization must do to make this strategy successful. Please be sure to include what problems might be presented in creating this type of strategy in healthcare?
How can a middle strategy be successful in healthcare? Write a one-page paper, using APA format,...
How can a middle strategy be successful in healthcare? Write a one-page paper, using APA format, on what a healthcare organization must do to make this strategy successful. Please be sure to include what problems might be presented in creating this type of strategy in healthcare?
Needing to write a one page paper on how to stay happy naturally
Needing to write a one page paper on how to stay happy naturally
Write a 2-page paper to describe how does a nursing homeowner, Jane Smith, can improve the...
Write a 2-page paper to describe how does a nursing homeowner, Jane Smith, can improve the elderly living experience at her nursing home and seeing a doctor. What technology Jane can adopt to monitor and foresee possible disease and sickness the elderly have? what technology can she adopt to enhance the seeing doctor experience? (Maybe they do not have to go to the doctor's office) What technology can Jane adopt to enhance the communication experience between elderly and remote family...
Can someone write a 2 page paper on Teaching Philosophy regarding geometry . ?
Can someone write a 2 page paper on Teaching Philosophy regarding geometry . ?
In a 2-3 page paper discuss how health and illness beliefs can influence the assessment process....
In a 2-3 page paper discuss how health and illness beliefs can influence the assessment process. You can use the Table on Traditional Health and Illness Beliefs in your textbook or any other evidence-based sources. Include how belief structure might impact how a client responds to an assessment interview and how culture might influence physical findings. Your assignment must have accurate spelling and grammar and use APA Editorial Format.
write a 3 page reflection paper on what you can do to prevent Alzheimer's
write a 3 page reflection paper on what you can do to prevent Alzheimer's
Write a 3-5 page paper on Mobile Health
Write a 3-5 page paper on Mobile Health
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT