Information Technology IT – 1 Data processing and information | e-Consult

Hashing is a one-way function that transforms data of any size into a fixed-size string of characters, known as a hash value or digest. It's a fundamental concept in data security, providing data integrity and authentication.

Properties of a good cryptographic hash function:

• Preimage Resistance: Given a hash value, it should be computationally infeasible to find the original input that produced it.
• Second Preimage Resistance: Given an input and its hash value, it should be computationally infeasible to find a different input that produces the same hash value.
• Collision Resistance: It should be computationally infeasible to find two different inputs that produce the same hash value. While collisions are theoretically possible, a good hash function makes them extremely rare.
• Sensitivity to Input Changes: Even a small change in the input data should result in a significantly different hash value.

Examples of use in security applications:

• Password Storage: Instead of storing passwords directly, systems store the hash of the password. When a user enters a password, the system hashes the entered password and compares it to the stored hash. This protects passwords if the database is compromised.
• Data Integrity Checks: Hashing can be used to verify that data has not been altered. A hash of the original data is stored. Later, the data is re-hashed, and the two hash values are compared. If they are different, the data has been modified.
• Digital Signatures: Hashing is used to create a concise representation of a document, which is then digitally signed using the sender's private key. The recipient can verify the signature using the sender's public key and compare the generated hash with the hash of the received document.
• Message Authentication Codes (MACs): MACs use a secret key along with the message to generate a hash value. This ensures both data integrity and authentication.