2_ HASHING ACTIVITY
CLASS LAB 8-2: HASHING ACTIVITY
Countermeasures Against Cyberattacks
Asymmetric Cryptography
HASHING ACTIVITY
Instructions: This activity provides experience running hash functions and seeing what hash function outputs look like, as well as how they can sometimes be broken.
Files or Resources Needed: To complete Task 1 of this activity, you will be using the website http://www.fileformat.info/tool/hash.htm to compute hash function outputs. To complete Task 2 you will use the website https://www.md5online.org/md5-decrypt.html.
TASK 1: GENERATING HASHES FROM STRINGS
Let’s take a look at some inputs to hash functions and their corresponding outputs. Use the website http://www.fileformat.info/tool/hash.htm to convert the strings to hashes. Record the hash function outputs in the appropriate places in the table.
String | MD5 | SHA-1 | ||
password | 5f4dcc3b5aa765d61d8327deb882cf99 | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 | ||
Password | dc647eb65e6711e155375218212b3964 | 8be3c943b1609fffbfc51aad666d0a04adf83c9d | ||
Password! | 0040f2abc2cff0c8f59883b99ae9fab6 | ef8420d70dd7676e04bea55f405fa39b022a90c8 | ||
!Password |
|
|
Notice how different each hash value is for each string. This pseudo-randomness gives hash functions their power!
QUESTION 1-1: To the average user, what makes MD5, SHA-1, and other hash function outputs different from each other?
Different hash functions use different hashing algorithms to output different numerical values for each string.
TASK 2: CRACKING HASHES
You might wonder why there are a variety of hash functions available. This is primarily because over time some have been proven insecure for modern use. As such, cryptographic hash functions like MD5 and SHA-1 are used primarily for purposes such as verifying the authenticity of files. As computational power continues to increase, researchers must keep up by developing new or stronger hash functions. The next frontier of securing encrypting is to be resistant to the evolving field of quantum computers.
Since hash functions by their nature are nearly impossible to reverse, decrypting hash functions is a challenge. A common technique to decrypting them is to develop Lookup Tables, also sometimes known as Rainbow Tables. These tables contain known strings and their corresponding hash values. You can see just how big some Rainbow Tables are by looking at the file sizes at https://freerainbowtables.com/.
Below are some hash values, try to use https://www.md5online.org/md5-decrypt.html and see if you can figure out what the original values are!
Hint: look under the Decrypt button for the output. If the hash is in the lookup table, the output says “Found:” followed by the text that used to create the hash.
MD5 Hash | Hashed Text |
e91e6348157868de9dd8b25c81aebfb9 | security |
4862ee9c9b69ca7c7ac6e012cd7665b7 | requires |
f068fc985d0a439e5a126d78a28cc4c9 | stronger |
b2803b5602c2d8dc3cecb9ec7dee659c | techniques |
Last updated