Hashing algorithms take a variable amount of data and compress it into a fixed length value, which is referred to as a hash value. Hashing provides a fingerprint of the message Strong. hashing algorithms are hard to break and will not produce the same hash value for two or more messages. Hashing is used to provide integrity. It can help verify that information has remained unchanged. Figure 12.5 gives an overview of the hashing process.
Figure 12.5. The hashing process.
Programs such as Tripwire, MD5sum, and Windows System File Verification all rely on hashing. The biggest problem for hashing is collisions. Collisions are when two or more files create the same output. The two most commonly used hashing algorithms are Message Digest Algorithm version 5 (MD5) and Secure Hash Algorithm 1 (SHA-1). Both algorithms are explained here:
When considering hash values, remember that close does not count! If the hashes being compared differ in any way, even by just a single bit, the data being digested is not the same.
Collisions occur when two message digests produce the same hash value. Attackers can use this vulnerability to make an illegitimate item appear genuine.
As you have seen, hashing is an important way to ensure the validity of a file. In this challenge exercise, you will practice creating and verifying hash values.
Part I: Exam Preparation
The Business Aspects of Penetration Testing
The Technical Foundations of Hacking
Footprinting and Scanning
Enumeration and System Hacking
Linux and Automated Security Assessment Tools
Trojans and Backdoors
Sniffers, Session Hijacking, and Denial of Service
Web Server Hacking, Web Applications, and Database Attacks
Wireless Technologies, Security, and Attacks
IDS, Firewalls, and Honeypots
Buffer Overflows, Viruses, and Worms
Cryptographic Attacks and Defenses
Physical Security and Social Engineering
Part II: Final Review
Part III: Appendixes
Appendix A. Using the ExamGear Special Edition Software