Are your passwords secure? | Hash of blockchain technology

Today is the first issue of our series on the underlying technology of blockchain: hashing. Before we talk about what hashing is, have you ever been in any of the following situations?

You have registered an account on a website and entered your password, ID number, and bank card number. Have you ever worried that your sensitive data will be leaked?

You are an Internet product manager. When you describe a requirement to the programmer, you say: when a user forgets their password, send the original password to the user by email.

You are a programmer, and your team lead tells you that users' sensitive data needs to be hashed. Is this your mood:

In fact, all of these situations relate to the application of hash functions, which show up in every aspect of our life and work. When people hear the words cryptography and hashing, they often assume the subject is very esoteric, but it is not that complicated. Let's analyze it today.

01

What is a hash?

Speaking of hashing, let’s take the development of user password storage as an example.

1. Simple password storage

In the past few years, we often saw news such as "Surprise! The user accounts and passwords of a certain website were leaked". In the early days of the Internet, if you registered on a website with the user name: the most handsome man in the village, and the password: 123456, then the account and password were basically stored in the backend as follows:

[Figure: database row storing the user name and the plaintext password 123456]

This is the earliest password storage method. User passwords are stored in the database entirely in plain text. Once hackers get into the database, all information associated with the users is stolen, and the user information has no security at all.

2. Upgraded password storage

A hash function is also called a one-way hash function. Pay attention to the words "one-way"; they are very important. What does one-way mean? Irreversible!

First, look at the definition of a hash function:
A one-way hash function has an input and an output; the input is called the message, and the output is called the hash value.

Hash functions have the following characteristics:

  • Calculate a fixed-length hash value based on a message of any length;

  • Can quickly calculate the hash value;

  • Different messages (that is, different inputs) get different hash values;

  • It is unidirectional. One-way means that the message cannot be deduced from the hash value.

How should we understand these characteristics of the hash function? Let's continue with the user registration example.

The user name is: the most handsome man in the village, and the password is: 123456. The result after applying the MD5 hash function is: 49ba59abbe56e057, so the data stored in the database at this point is:

[Figure: database row storing the user name and the hash value 49ba59abbe56e057]

As the figure shows, the password the user sees is 123456, but the database stores 49ba59abbe56e057. Programmers therefore cannot know what the user's password is, because only the hash value is stored. When the user logs in again and enters the password, the system hashes the entered password and compares the result with the value stored in the database to decide whether the password is correct.

And because the hash function is one-way, when the user forgets the password, the backend cannot compute the original password 123456 from 49ba59abbe56e057. This is why a forgotten website password can only be reset, not recovered.

The same is true for hacker attacks. When the database is attacked, the hacker obtains only the hash values of the passwords. Given the characteristics of the hash algorithm, the hacker cannot reverse a hash value to get the password, so breaking into the database is useless.

Hackers are no pushovers, however. They later invented the "rainbow table attack", which made it possible to attack passwords protected by hash algorithms. (If you are interested in rainbow tables, send me a private message. If enough people ask, I will write an article on rainbow tables.)

3. Upgraded password storage again

This is how things develop: technology advances through the contest between offense and defense. To counter rainbow table attacks, technical experts invented hashing with a "salt".

In cryptography, salting refers to inserting a specific string at any fixed position of the content to be hashed (for example, a password) before hashing it. This way of adding a string to the hash input is called "salting". Its purpose is to make the salted hash result differ from the unsalted result. In different application scenarios, this processing can add additional security.

I won't describe the salting process in detail. Just remember that a salted hash value is harder for hackers to attack.
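
The login check from section 2 and the salting idea from section 3, as an added Python example (not code from the original article). It assumes PBKDF2-HMAC-SHA256 with a random per-user salt as the salted scheme, which the article does not name, and it shows that the article's value 49ba59abbe56e057 is the middle 16 hex characters of the full MD5 digest of 123456. The function names and sample data are constructed for illustration.

```python
import hashlib
import hmac
import os


def md5_hex(password: str) -> str:
    """Unsalted MD5 as in section 2 (weak; kept only for contrast)."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def new_record(password: str, iterations: int = 200_000) -> dict:
    """Build the stored record: random per-user salt plus a slow salted hash.
    PBKDF2 is this example's choice; the article only says "salt"."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": digest}


def verify(password: str, record: dict) -> bool:
    """Login check: re-hash the submitted password with the stored salt, then compare."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["hash"])  # constant-time comparison


def demo() -> dict:
    # Constructed sample data: two users who chose the same password.
    alice, bob = new_record("123456"), new_record("123456")
    # A precomputed table maps known hashes back to passwords. It works against
    # unsalted hashes because equal passwords always give equal hash values.
    precomputed = {md5_hex(p): p for p in ("123456", "password", "qwerty")}
    return {
        "md5_full": md5_hex("123456"),
        "md5_16": md5_hex("123456")[8:24],  # the 16-character form the article shows
        "unsalted_lookup": precomputed.get(md5_hex("123456")),
        # With per-user salts the same password is stored as different values,
        # so one precomputed table no longer covers every user.
        "salted_hashes_differ": alice["hash"] != bob["hash"],
        "login_ok": verify("123456", alice),
        "login_bad": verify("654321", alice),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```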

Wait, let's get back to the main topic. What are we talking about today? Hashing! So what is a hash? The MD5 algorithm mentioned above is one kind of hash function. Then what hash functions are used in the blockchain?

02

Hash functions in the blockchain

To introduce the hash function in the blockchain, first understand several common hash functions.

1. MD4, MD5

MD4 is a one-way hash function designed by Rivest in 1990 that generates a 128-bit hash value (RFC 1186, revised version RFC 1320). However, since Dobbertin presented a method for finding collisions in MD4, it is no longer secure.

MD5 is a one-way hash function designed by Rivest in 1991 that generates a 128-bit hash value (RFC 1321). Two different messages with the same MD5 hash value can be produced, so it is also already insecure.

MD in MD4 and MD5 is the abbreviation of Message Digest.

2. SHA-1, SHA-256, SHA-384, SHA-512

SHA-1 is a one-way hash function designed by NIST (National Institute of Standards and Technology) that generates a 160-bit hash value.

SHA was published as the US Federal Information Processing Standard Specification (FIPS PUB 180) in 1993, and the revised version FIPS PUB 180-1 released in 1995 is called SHA-1. In the "CRYPTREC Cipher List", SHA-1 has been included in the "cipher list that can be used with caution", that is, it is not recommended for use except for the purpose of maintaining compatibility.

SHA-256, SHA-384, and SHA-512 are all one-way hash functions designed by NIST, and their hash value lengths are 256 bits, 384 bits, and 512 bits, respectively. These one-way hash functions are collectively called SHA-2, and their message length also has an upper limit (the upper limit of SHA-256 is close to 2^64 bits, and the upper limit of SHA-384 and SHA-512 is close to 2^128 bits). These one-way hash functions were published together with SHA-1 as FIPS PUB 180-2 in 2002.

The strong collision resistance of SHA-1 was broken in 2005 (by Professor Wang Xiaoyun of Shandong University); that is to say, it is now possible to generate two different messages with the same hash value.

However, SHA-2 has not yet been broken.

3. RIPEMD-160

RIPEMD-160 is a one-way hash function designed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel in 1996 to generate a 160-bit hash value. 

RIPEMD-160 is a revised version of the RIPEMD one-way hash function designed by the EU RIPE project.

This series of functions also includes RIPEMD-128, RIPEMD-256, RIPEMD-320 and other versions.

In the "CRYPTREC Cipher List", RIPEMD-160 has been included in the "cipher list that can be used with caution", that is, it is not recommended for use except for the purpose of maintaining compatibility.

The strong collision resistance of RIPEMD was broken in 2004, but RIPEMD-160 has not yet been broken.

The Bitcoin system uses the SHA-256 and RIPEMD-160 hash algorithms, while Litecoin uses the scrypt algorithm, and Ethereum differs again. So as blockchain technology develops, the hash algorithms used in different applications may vary.

OK, that is all for today's sharing about hash functions. The underlying mathematics of cryptography is profound and interesting, but since our readers work in different industries, we have not gone into much detail about the underlying implementation. If you are interested in these topics, you can follow us for further discussion. See you in the next issue!

Origin blog.csdn.net/koudan567/article/details/120091236