Application of Hashing Algorithms - Essay Example

?HASHING ALGORITHMS Hashing Algorithms Affiliation Introduction Hashing algorithms are used to translate the input of any size to a smaller output of fixed extent by making use of the hash function. In this scenario, this output value is known as the hash value. Basically, this hash value consists of a distinctive and very condensed mathematical illustration of a portion of data. This process of translation from input to output is a compressed mapping, to be precise, the space that is taken by the hash value is a great deal smaller than that of the input. In fact, any value or even a single letter is changed in the input; then the values of hash value will also be changed. Additionally, same hash value can be used in calculation in order to find two different inputs; for that reason the hashing algorithms are used to determine the reliability and effectiveness of data (comprising digital signatures, authentication and so on). In some cases, these hash values are also acknowledged as a "message digest". In the past few years, the use of hashing algorithms in every walk of science has increased to massive extent. In fact, hashing algorithms are believed to be the most important technique in data structures and randomized algorithms, within a wide variety of applications and fields like that complexity theory, information retrieval, data mining, parallel algorithms and cryptology (Ostlin & Pagh, 2003). However, hashing algorithms are extensively utilized in the field of information security (Yang, Li, Tan, Yan, & Hou, 2012). In the field of information security, hashing algorithms play a significant role in cryptography and are utilized to achieve numerous security goals. For instance, these algorithms are extensively used to attain reliability and validity, authenticating users of computer systems, implementing efficient digital signatures, putting into practice pseudo random number generators, implementing digital time stamping, creating session keys and sometime for building block ciphers as well. In the history of hashing algorithms a large number of hash functions were created as well as the majority of them were effectively broken and some were to some extent breached, along with it a number of theoretical threats were as well propose (Sobti, Geetha, & Anand, 2012; Algredo-Badillo, Morales-Sandoval, Feregrino-Uribe, & Cumplido, 2012). This paper presents a detailed analysis of hashing algorithms. This paper will discuss the uses and applications of hashing algorithms. This paper will focus on some of the important hashing algorithms such as digital signatures algorithms, cryptography algorithms and various other techniques. Hashing Algorithms Basically, the process of hashing simplifies the search process by making use of computationally a few operations as compared to any other sequential basic search algorithm. In this scenario, a hash function is a mathematical process in which a number is mapped to a large value range into an additional number with a smaller range. Figure1 demonstrates the process of hashing in the detail. In this diagram, a database that consists of eight specified records (such as addresses in one application) are to be matched in opposition to any received record. In view of the fact that each record contains a huge amount of data as well as the entire database contains a large number of records under actual circumstances, in this scenario scanning all the records and searching through the complete database individually can be unfeasible. However, this problem could be resolved if a piece of the record (or on the whole) is chosen and a key is assigned to the target value (normally, this target value is based on a 3-bit value as demonstrated in the figure1) by making use of the hash function (operator). As shown in the figure1, this process has divided a complete database of eight records into smaller groups of records in accordance with their matching hash outputs. In addition, this searching process will be applied to all the searches, in which this hashing process will be applied to any received value in order to recognize the one group, in place of searching through the entire database. However, an effective hashing function ensures that no more than one record is contained in a group; as a result a search process of accurately one corresponding value would be identified. The research has shown that a hash function can deliver better results than the other function if it requires a smaller predictable number of corresponding steps. It is believed that if a database contains the records in a standardized distribution in opposed to value of the key, any standard hash function would cleanly ensure a standardized allocation of these records onto the groups. In other words, it will improve the predictable performance and efficiency with respect to search time required (Martinez, Pandya, & Lin, 2009) Figure 1Example of Hashing, Image Source: (Martinez, Pandya, & Lin, 2009) In addition, the majority of researchers have based their theories and researches on the idea that records maintained by the database are key-wise consistently allocated. On the basis of this principle, any kind of hashing algorithm can ensure the expected efficiency and performance with respect to time required for searching. In contrast, if a database does not contain records stored in a consistent manner, then the implementation of different hash functions will deliver different predictable efficiency and performance (Martinez, Pandya, & Lin, 2009; Meixner & Uhl, 2006). Cryptographic Hashing As discussed above, hashing algorithms are extensively employed in a number of information security related fields and applications such as message authentication code (MAC), digital signatures and a wide variety of authentication procedures. In this scenario, cryptographic hashing algorithms provide in one direction process that is based on an input of a random chunks of data, however its output comes in the form of a string of a fixed-size, which is acknowledged as the hash value. At the present, there exist a large number of famous and useful cryptographic hashing algorithms that are used for a wide variety of functions. However, with the massive developments and advancements in the field of cryptanalysis, the majority of these algorithms appeared to be vulnerable (Latif, Mahboob, & Aziz, 2011). Additionally, in the past few years, cryptanalysis of most of the hashing algorithms has been facing severe issues. However, in August 2005, a positive development in cryptanalysis of SHA-1(Secure Hashing Algorithm) was accomplished. Professor M. Szydlo detected a crash in the working of SHA-1. However, no crashes were detected in the SHA-2 variants; but, their way of working was a great deal similar to SHA-1. Additionally, taking these aspects into the consideration, on November 2, 2007, National Institute of Standards and Technology (NIST), USA decided to launch an open competition with the intention of building a new cryptographic hashing algorithm with the name of SHA-3. In addition, more than 64 participants took part in this competition, in which approximately 50 projects complied with the compliance criteria and they qualified in the first round of the competition. However, in the 2nd round only 14 candidates were selected and only 5 candidates could reach the final round of the competition, these candidates are: BLAKE, JH, Grostl, Skein and Keccak (Latif, Mahboob, & Aziz, 2011). One of the well-known as commonly used technique to ensure authentication is known as the password authentication. In fact, it has been the leading mechanism in verification because of its ease. In this scenario, cryptography algorithms are in one direction algorithms that are used to defend the key. Over the past few years, the majority of researchers and scholars has been continuously trying to develop a high quality and improved hashing algorithms for cryptography which increases the complexity of being inversed. However, hackers, cryptanalysts and security analysts interfere with them to discover weak points in present as well as future principles. In this scenario, policies and principles regarding implementations of passwords are being stated by a choose a small number of central groups providing little elasticity for instance for the most part security principles whichever stick on to a severe policy further than need or are left unchanged to their default settings that come with the new products or services. Additionally, when attempting to comply with the most set of policies the passwords does not seem as safe as a number of people believe. It is believed that human generated passwords are weaker and it is one of the weakest parts of password based authentication. In this scenario, there is a need to improve the entropy or unpredictability of passwords. The implementation of cryptography algorithms depend on the criticality of the organizations. Therefore, firms need to take into account the value of their systems and applications and decide a strategy to go together with instead of blindly attempting to comply with a key policy that is not rationalized as regularly as the technology that is used to attack it (Teat, 2011; Gonnet & Munro, 1977). Applications of Hashing Algorithms As discussed above, at the present, hashing algorithms are used in a number of areas of hash functions in computer forensics and cryptography. This section outlines some of the major areas where these algorithms are used: Digital Signatures As its name indicates a digital signature is an electronic signature that is utilized to confirm that who is the sender of a message or the signer of an internet file, and perhaps to make certain that there is no change in the actual content of the message or file that has been sent by the sender. Additionally, the digital signatures are readily portable, can be repeatedly time-stamped, and cannot be duplicated by somebody else. The basic aim of digital signature is to make certain that the actual signed message received so that the sender of the message cannot simply reject it afterward. Also, a digital signature can be inserted into any type of message, content and file, no matter it is encrypted or not, basically with the intention that the message recipient can be able to identify the message sender as well as that the message received is unchanged. Moreover, a digital certificate encompasses the digital signature of the certificate-issuing institution in order that anybody can confirm that the certificate is genuine (TechTarget, 2009). In this scenario, an appropriately implemented digital signature algorithm that can comply with fundamental needs of this Standard can offer these services. Basically, a digital signature algorithm consists of two major processes, one is the signature generation process and other is the signature verification process. In addition, the standard digital signature algorithms are implemented to stop an unauthorized person who does not recognize the signatory’s secret key from creating and making illegal use of the same signature as the signatory on a different message for different purpose. To be precise, digital signatures are developed with the intention that that they cannot be forged (Gaithersburg, 2009). Without a doubt, digital signatures have been used since a long time and are believed to be the initial application area of cryptographically secure hash functions. In this scenario the basic purpose of hash functions is to show the validity of a document or digital message. Additionally, these algorithms are extensively implemented in applications which are used to detect tempering or falsification in applications for instance financial transactions and software patents or copyrights. In this scenario, a small portion of information known as Message Authentication Code (MAC) is a utilized to validate a message. In addition, this MAC is responsible for ensuring the protection of both a message’s data validity and reliability by facilitating analyzers to notice any changes or theft to contents of a message. Moreover, when these hashing algorithms are implemented in junction with encryption techniques, they create extraordinary message process that is useful in analyzing the basis of the data; these purposefully built processes are known as Message Authentication Codes. For this purpose, a well-known algorithm that is presently used is known as HMAC. In this scenario, the HMAC algorithm is designed to provide support for authentication of the source of data, as well as also help deal with security attacks for instance the replay attack. However, both the related fields of hash functions and encryption are used on combination, but they are not substitute technologies for one another (Ke, Liu, Wang, & Goyal, 2011). Password tables for client authentication Everyone who uses the computer creates passwords at different levels. In this scenario, with the purpose of validating a user, they are required to enter a password up to that time registered with the server. On the other hand, storing the passwords of all users on the server bring a wide variety of security risks for security analysts and users. In this scenario, the implementation of hash functions allows to use the server to store the collision free and non-invertible hash values and make use of this information to tally with the hash values of the assumed password that is entered by the user (Ke, Liu, Wang, & Goyal, 2011). Cyclic Redundancy Check (CRC) Cyclic Redundancy Check (CRC) is a well-known non-secure hash function technique that is used to discover threats and errors in digital data distribution and communication. These algorithms are also implemented on data storage devices, for instance hard disk drives, etc. In this scenario, each portion of data stored on the disk is verified chunks as well as the hardware repeatedly commence a revisit of the portion as soon as a threat is found or notifies the software of the error (Ke, Liu, Wang, & Goyal, 2011). Key Derivation Key derivation function is also one of the most important application area of hashing algorithms. In the majority of applications, key derivation function (KDF) obtaining one or more private keys from a secret value for instance a master key and some additional information for instance a password by making use of a pseudo-random function. In this scenario, non-secret parameters are used along with KDFs with the purpose of obtaining one or more keys from a frequent private value (key diversification). In addition, passing private key can stop a hacker from getting access to the private information (Ke, Liu, Wang, & Goyal, 2011). (Globally Unique Identifier) GUID Hashing algorithms are extensively used in applications in which globally unique identifier (GUID) is used. Basically, GUID is an exclusive reference number that is used to identify computer software installed in the system. In addition, hashing algorithms are commonly used in Microsoft's implementation of Universally Unique Identifier (UUID) standard, Intel GUID Partition Table for dividing hard drives into various partitions, and so on (Ke, Liu, Wang, & Goyal, 2011). Applications of Hash in computer forensics As it has been discussed previously, hashing algorithms are used in almost every field of science. In the same way, these algorithms play a significant role in computer forensics. In this scenario, the implementation of these algorithms allows computer forensics experts to check the reliability and validity of proof for the reason that it is an easiest and fastest way of testing. Therefore, hashing algorithms are used in numerous forensic applications and tools for instance The Coroner’s Toolkit (TCT), Encase, Tripwire and Sleuthkit. In addition, fundamental hashing algorithms in the existing toolkits of computer forensics are for all time the hashes of SHA-1 and MD5 (Ke, Liu, Wang, & Goyal, 2011). Conclusion This paper has presented a detailed analysis of hashing algorithms. The basic purpose of hashing algorithms is to translate the input of any size to a smaller output of fixed extent by making use of the hash function and this output value is acknowledged as the hash value. In the past few years, the research on hashing algorithms has emerged as an attractive area of research. Up till now, a large number of researches have been conducted on hashing algorithms. These algorithms are used in almost every field of science. Hashing algorithms are believed to be the most important technique in data structures and randomized algorithms, within a wide variety of applications and fields like that complexity theory, information retrieval, data mining, parallel algorithms and cryptology. However, hashing algorithms are extensively utilized in the field of information security. In the field of information security, hashing algorithms play a significant role in cryptography and are utilized to achieve numerous security goals. In the field of information security, these algorithms are divided into other categories such as cryptography algorithms, digital signature algorithms and so on. These algorithms are used in various field of computer science to improve the security of data and information. At the present, a number of researches are being conducted to improve the capabilities of these algorithms. This research has discussed the concept of hashing in detail. This paper has discussed its various applications. This paper has also discussed the areas where these algorithms are being extensively employed. However, there are still lots of researches and studies being conducted to improve their effectiveness. References Algredo-Badillo, I., Morales-Sandoval, M., Feregrino-Uribe, C., & Cumplido, R. (2012). Throughput and Efficiency Analysis of Unrolled Hardware Architectures for the SHA-512 Hash Algorithm. 2012 IEEE Computer Society Annual Symposium on VLSI (pp. 63-68). IEEE. Gaithersburg. (2009). Digital Signature Standard (DSS). National Institute of Standards and Technology. Gonnet, G., & Munro, I. (1977). The analysis of an improved hashing technique. STOC '77 Proceedings of the ninth annual ACM symposium on Theory of computing (pp. 113-121). New York: ACM. Ke, H.-J., Liu, J., Wang, S.-J., & Goyal, D. (2011). Hash-algorithms Output for Digital Evidence in Computer Forensics. 2011 International Conference on Broadband and Wireless Computing, Communication and Applications (pp. 399-404). IEEE. Latif, K., Mahboob, A., & Aziz, A. (2011). High Throughput Hardware Implementation of Secure Hash Algorithm (SHA-3) Finalist: BLAKE. 2011 Frontiers of Information Technology (pp. 189-194). IEEE. Martinez, C. J., Pandya, D. K., & Lin, W.-M. (2009). On designing fast nonuniformly distributed IP address lookup hashing algorithms. IEEE/ACM Transactions on Networking (TON), Volume 17 Issue 6 , 1916-1925. Meixner, A., & Uhl, A. (2006). Robustness and security of a wavelet-based CBIR hashing algorithm. MM&Sec '06 Proceedings of the 8th workshop on Multimedia and security (pp. 140-145). New York: ACM. Ostlin, A., & Pagh, R. (2003). Uniform hashing in constant time and linear space. STOC '03 Proceedings of the thirty-fifth annual ACM symposium on Theory of computing (pp. 622-628). New York: ACM. Sobti, R., Geetha, G., & Anand, S. (2012). Performance comparison of Grostl, JH and BLAKE- SHA-3 Final Round Candidate Algorithms on ARM Cortex M3 Processor. 2012 International Conference on Computing Sciences (pp. 220-224). IEEE. Teat, C. (2011). The security of cryptographic hashes. ACM-SE '11 Proceedings of the 49th Annual Southeast Regional Conference (pp. 103-108). Kennesaw, GA, USA: ACM. TechTarget. (2009). Digital Signature. Retrieved June 17, 2013, from http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci211953,00.html Yang, G., Li, S., Tan, Z., Yan, X., & Hou, X. (2012). A New Multi-pattern Matching Algorithm Based on Frequently Used Group. 2012 IEEE 12th International Conference on Computer and Information Technology (pp. 981-984). IEEE. Read More