# 2\_ HASHING ACTIVITY

CLASS LAB 8-2: HASHING ACTIVITY

Countermeasures Against Cyberattacks

**Asymmetric Cryptography**

### ***HASHING ACTIVITY*** <a href="#j95q9pipk3m7" id="j95q9pipk3m7"></a>

**Instructions:** This activity provides experience running hash functions and seeing what hash function outputs look like, as well as how they can sometimes be broken.

**Files or Resources Needed:** To complete Task 1 of this activity, you will be using the website[ http://www.fileformat.info/tool/hash.htm](http://www.fileformat.info/tool/hash.htm) to compute hash function outputs. To complete Task 2 you will use the website[ https://www.md5online.org/md5-decrypt.html](https://www.md5online.org/md5-decrypt.html).

#### **TASK 1: GENERATING HASHES FROM STRINGS** <a href="#id-68wbvqbzmn2w" id="id-68wbvqbzmn2w"></a>

Let’s take a look at some inputs to hash functions and their corresponding outputs. Use the website[ http://www.fileformat.info/tool/hash.htm](http://www.fileformat.info/tool/hash.htm) to convert the strings to hashes. Record the hash function outputs in the appropriate places in the table.

| **String** | **MD5**                          | **SHA-1**                                |
| ---------- | -------------------------------- | ---------------------------------------- |
| password   | 5f4dcc3b5aa765d61d8327deb882cf99 | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 |
| Password   | dc647eb65e6711e155375218212b3964 | 8be3c943b1609fffbfc51aad666d0a04adf83c9d |
| Password!  | 0040f2abc2cff0c8f59883b99ae9fab6 | ef8420d70dd7676e04bea55f405fa39b022a90c8 |
| !Password  |                                  |                                          |

| <p><br>4533c662e44139873ae2fd3ce1fd3dbbf08b8c92</p> |
| --------------------------------------------------- |

| <p><br>9a8896ebf2e4a99e4b1c0174504c898a</p> |
| ------------------------------------------- |

Notice how different each hash value is for each string. This pseudo-randomness gives hash functions their power!

**QUESTION 1-1:** To the average user, what makes MD5, SHA-1, and other hash function outputs different from each other?

Different hash functions use different hashing algorithms to output different numerical values for each string.&#x20;

#### **TASK 2: CRACKING HASHES** <a href="#bsyk9o37e7l9" id="bsyk9o37e7l9"></a>

You might wonder why there are a variety of hash functions available. This is primarily because over time some have been proven insecure for modern use. As such, cryptographic hash functions like MD5 and SHA-1 are used primarily for purposes such as verifying the authenticity of files. As computational power continues to increase, researchers must keep up by developing new or stronger hash functions. The next frontier of securing encrypting is to be resistant to the evolving field of quantum computers.

Since hash functions by their nature are nearly impossible to reverse, decrypting hash functions is a challenge. A common technique to decrypting them is to develop Lookup Tables, also sometimes known as Rainbow Tables. These tables contain known strings and their corresponding hash values. You can see just how big some Rainbow Tables are by looking at the file sizes at[ https://freerainbowtables.com/](https://freerainbowtables.com/).

Below are some hash values, try to use[ https://www.md5online.org/md5-decrypt.html](https://www.md5online.org/md5-decrypt.html) and see if you can figure out what the original values are!

Hint: look under the Decrypt button for the output. If the hash is in the lookup table, the output says “Found:” followed by the text that used to create the hash.

| **MD5 Hash**                     | **Hashed Text** |
| -------------------------------- | --------------- |
| e91e6348157868de9dd8b25c81aebfb9 | security        |
| 4862ee9c9b69ca7c7ac6e012cd7665b7 | requires        |
| f068fc985d0a439e5a126d78a28cc4c9 | stronger        |
| b2803b5602c2d8dc3cecb9ec7dee659c | techniques      |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://derek-johnson-1.gitbook.io/welcome/freshman/security-110/week-13/2_-hashing-activity.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.