Introduction
Hash algorithm, also known as hash or hash algorithm, can map binary values of any length to shorter fixed-length binary values, that is, hash values. And it is difficult to map different plaintexts to the same hash value. Hash value is also called digital fingerprint (fingerprint) , digital digest (digest) or message digest in applications
An excellent hash algorithm has the following characteristics:
- Forward fast: Given plaintext and hash algorithm, the hash value can be calculated within limited time and limited resources
- Difficulty in reverse engineering: given (several) hash values, it is difficult (basically impossible) to reverse the plaintext in a limited time
- Input sensitivity: The original input information modifies a little information, and the generated hash values should look very different
- Anti-collision (anti-collision)
Different keywords may get the same hash value, or two plaintexts with different contents, their hash values may be the same. This phenomenon is called conflict or collision.
Anti-collision is also called "collision resistance" or conflict avoidance. The anti-collision of the hash function means that different inputs cannot produce the same output.
Anti-collision is not that there will be no conflicts, but the cost of finding two conflicting inputs is very high
Currently popular hash algorithms
- MD4 (message digest): The output is 128-bit binary-16 bytes
- MD5: Output is 128-bit binary
- SHA-1 (secure hash algorithm-1): cryptographic hash algorithm; the output is a 160-bit binary value
- SHA-2 (secure hash-2): SHA-224, SHA-256 (256 binary, 64-bit hexadecimal, commonly used in Bitcoin) , SHA-384, SHA-512
- SHA-3, formerly named keccak algorithm, is an encryption hash algorithm
- The output lengths of Keccak are: 512, 384, 256, 224
- SHA-3 is not intended to replace SHA-2, because SHA-2 currently has no obvious weaknesses
- Due to the successful cracking of MD5 and the theoretical cracking of SHA-1, NIST felt that it needed a different and replaceable encryption hash algorithm, which is now SHA-3.
- RIPEMD-160 (RACE's complete summary of original evaluation information): is a 160-bit cryptographic hash function designed to replace the 128-bit hash function MD4 and MD5
Cracking method
- Find the collision method (no application value)
- Exhaustive method: time-consuming and requires a lot of calculation
- Password dictionary brute force cracking: consumption of storage space
- Rainbow table attack
- The rainbow table is actually a compromise between the exhaustive method and the password dictionary method, which keeps the time and space occupied within an acceptable range
Defense method
Defense method: add salt. That is, insert a specific string in a specific position of the password. This specific string is "salt". The hash string obtained by hashing and encrypting the salted password is completely different from the hash string before salting. Hackers use rainbow tables. The password obtained is not the real password at all. Even if the hacker knows the content of the "salt" and the location of the salt, he needs to regenerate the rainbow table, so adding salt can greatly increase the difficulty of using the rainbow table to attack.
note
- It is generally believed that MD5 and SHA1 are not safe enough and do not have "strong collision resistance". At least the SHA-256 algorithm is recommended
- Mainstream web development still uses md5 to save user passwords (commonly used)
In order to protect the security of the account, all websites will not save the user's password in plain text, but use a hash encryption algorithm to calculate the password, save the obtained hash string in the database, and each time the user logs in, the user will submit the password Use the same algorithm to calculate and compare the result with the hash string stored in the database to verify the user's identity