In the early days of network communications, we saw that noise on the transmission lines and cables often led to errors in the transmitted message. Most older cables were subject to static interferences and this could cause a bit to flip to a different value as it was being transmitted.
To overcome this, the idea of parity bits was introduced, using a simple XOR (Exclusive-OR) calculation that would indicate the error. The use of check-digits that were built into catalogue numbers or payment card numbers could help ensure that those values were also correct.
The integrity of the file on a floppy drive or CD (Compact Disk) was proven through the use of Cyclic Redundancy Checks (CRC). All of these methods provided some basic protection against errors, especially when the errors were not introduced intentionally.
What are hashing algorithms?
The development of hashing algorithms allowed a higher degree of accuracy, hence, even more assurance.
A hashing algorithm runs a mathematical calculation against an entire message and generates a value or digest (also known as a message digest, hash, fingerprint, or thumbprint). The digest itself is a fixed-length value, usually shorter than the message, but since it is calculated against the entire message it is very sensitive to any changes, anywhere in the message. An alteration of one bit in the message will typically result in at least 40% of the associated hash value changes.
What are the most commonly used?
Hashing algorithms commonly in use include the Message Digest series MD4 and MD5, (these are still in use even though they are at end of life and should only be used in legacy applications, and MD6. There is also the Secure Hashing Algorithms SHA-1, SHA-2 (which is SHA-256 and SHA-512).
The next hashing standard, SHA-3, although this standard maintains the SHA naming convention it is in fact a completely different from previous versions and is based on an algorithm known as Keccak. SHA3 is not an upgrade from earlier versions of SHA but rather a direct replacement.
The digest calculated from the message is sent along with (appended to) the message. The recipient (a system, process, or person) will run the received message through the same algorithm. This will generate a digest of the received message that should be the same as the digest that was appended to the message.
This proves that the message received was the same as the one that was sent. However, this process may be subject to a MITM (Man in the Middle) attack. A Man-in-the-Middle would be able to change or modify both the message and the appended hash and deceive the recipient into thinking that the altered message was the one that was sent.
So in our next blog, we will examine how to protect a simple message integrity process from an intentional attack.
Are you with us so far? Keep an eye out for the next blog in the series, or join us for a training course, if you´re keen to learn faster.
We love to teach and share our passion – come join us at Readynez :)
You may be interested in these 1-day Masterclasses with Kevin:
You´re invited to join this live learning experience in a virtual space where you will get full access to insights and innovation from the true authorities.
We think you´re going to love these - Learn more and book directly on the links below:
Security - with Kevin Henry
Live Virtual Masterclass: CISSP Overview
Live Virtual Masterclass: CISM Overview
Come alone or bring your team for a strengthened direction with a tangible impact - but, don´t wait too long to book - seats are obviously very limited for this unique experience.
About Kevin Henry:
Your instructor has probably taught more IT-Security students than anyone else in the world and helped thousands of people prepare for the examination. As the former co-chair of the ISC2 CISSP CBK, he will provide you with valuable insight into the do's and don'ts of Security training and provide tips on how to plan your own training roadmap.
Get Unlimited access to ALL the LIVE Instructor-led Security courses you want - all for the price of less than one course.