Page 206 - Cyber Defense eMagazine Annual RSA Edition for 2024
P. 206

output, the hash, is like a condensed and unique identifier for that specific data going through that
                   specific recipe (algorithm).
               •  Collision  Resistance:  A  good  hashing  algorithm  is  designed  to  be  "collision  resistant."  This
                   means it's very unlikely that two different pieces of data will end up with the same hash value
                   (collision). It's like having a fingerprint system where everyone has a truly unique fingerprint.


            There are different types of hashing algorithms, each with its own strengths and weaknesses. Some
            common ones you'll hear about include MD5, SHA-256, and SHA-3. These algorithms are constantly
            being improved to stay ahead of security threats.



            Choosing the Right Algorithm:

               •  Security Needs: When choosing a hashing algorithm, security is key. For things like password
                   storage, you'll want a strong, collision-resistant algorithm like SHA-256 or later versions.
               •  Performance: Hashing can be computationally expensive. For tasks where speed is important,
                   you might use a less secure algorithm for initial checks, then verify with a stronger one later.

            Understanding hashing algorithms is like understanding the language of data integrity and verification.
            It's a crucial tool in a cybersecurity student's toolkit!

            What are some hashing algorithms? Have we had them before?

            Hashing algorithms have been around for decades, and as computing power and security threats have
            evolved, so have these algorithms. Here’s a look at some notable hashing algorithms from the past, along
            with their pros and cons:



            Early Algorithms:

               •  MD5  (Message  Digest  5): Developed  in  the  1980s,  MD5  was  widely  used  for  data  integrity
                   checks and password storage.
                       o  Pros: Fast and efficient, readily available in hardware and software.
                       o  Cons: Not collision resistant anymore. In the late 90s, vulnerabilities were discovered that
                          allowed attackers to create collisions (meaning two different files could have the same
                          MD5 hash). This makes it unsuitable for secure applications today.

            SHA (Secure Hash Algorithm): This is a family of hashing algorithms developed by the National Institute
            of Standards and Technology (NIST) to address the limitations of MD5.

               o  SHA-1: Released in 1995, SHA-1 offered improved security over MD5.
               o  Pros: More secure than MD5, widely adopted for various applications.
               o  Cons: In 2017, weaknesses were identified in SHA-1 that made it susceptible to collision attacks.
                   While still usable for non-critical applications, it’s not recommended for high-security tasks.








                                                                                                            206
   201   202   203   204   205   206   207   208   209   210   211