Hash algorithms TLDR
Hash algorithms are 'fingerprint' calculations that were introduced with encryption.
A hash calculation, is a mathematical algorithm that obfuscate data of any size, to a fixed size
byte array.
Hash calculations act as one-way encryptions. You can easily calculate the
hash value based on the input - but you can never calculate the input based on the hash value.
It only works one way. You can of course try to guess the input with brute force attacks - but
the input can never be calculated on the basis of the hash value, and you get no indication of
whether you have guessed the input correctly or not.
This basic functionality also means that if you change even just one character in the input
value, the hashed result will look completely different.
Samples
Try out these, if you would like to give it a go, and see how it works:
HASH calculation of random 'lorem ipsum'
HASH calculation of 'AAAA'
HASH calculation of 'AABA'
Common usecases
The two properties mentioned above, make hash calculations super efficient for:
- Comparison of large amounts of data: Because you can calculate hash values of data, and
then just compare these hash values, rather than comparing all data byte-by-byte
- Message authentication: Is the sender of a message who he/she claims to be, and has
the message been tampered with? It is done quite simply by
- Sender and receiver agree to a [secret code]
- When the sender wants to send a [message], a hash value of [secret code] + [message] is calculated
- [Message] and hash value are sent to recipient (but not the [secret code] - the [secret code] must always remain secret)
- Receiver similarly calculates the hash value based on [secret code] + [message].
- This hash code calculated by the recipient must be identical to the hash code recieved by the sender
- If the two hash values are identical, then it is a fact that the sender knows the secret code and
that the message has not been modified in any way. If the message had been changed, the recipient's
hash calculation would have given a different result - and the comparison of the two sender hash
values would fail.
- Simple one-way encryption (of, for example, passwords): Rather than storing passwords as plain text
in databases, files or the like, you can simply store a calculated hash value of the password. This ensures
that the code is never available as readable plain text - and you can check people's passwords by simply
doing the hash calculation on the password used at login, and then comparing it with the hash value you
have stored on the user. If the hash values are the same, the user has entered the correct password.
The different hash algorithms
There are many different hash algorithms. The best known are MD5, SHA1 and variations of the SHA-3 algoritmn.
- MD5: Invented in 1991, as a replacement for the MD4 algorithm. Outputs 16 bytes. Not considered secure for encryption purposes.
- SHA-1: Invented in 1993, as part of a US Government project. Outputs 20 bytes. Not considered secure for encryption purposes.
- SHA-3: SHA256, SHA384 and SHA512 are variations on the same basic algorithm SHA-3. The algorithm was released in 2015. Considered safe.
- RIPEMD-160: From 1996, and is based on the same principle as the previous MD4 calculation. However, RIPEMD-160 has never been breached in security contexts.
Furthermore, this tool calculates CRC64 checksums as well. CRC64 is a 64-bit cyclic redundancy check algorithm
commonly used for data integrity checks and error detection, but it should not be used for encryption or other security applications.
Security of hash algorithms (and why not to use MD5)
The typical ways to attack a hash algorithm are
- Collision attack: Can you create the same hash result with two different input values? If so, you have a 'collision'.
- Preimage attack: Can you calculate backwards and calculate the input message based on the hash result?
If an algorithm is vulnerable to these attacks, it cannot be considered secure.
MD5 and SHA-1 were both compromised in 2004 and 2005 respectively via collision attacks. This means, that neither of the two, computes uniq output when put under stress.
It also means that using MD5 and SHA-1 to store e.g. passwords, several different passwords - ultimately - will cause invalid passwords to be approved, even though they are different,
because the calculated hash value is identical.
Please note, that even though this tool calulates a CRC64 hash/checksum, CRC64 is in no way usefull in any kind of security context.
Would you like to know more?
Wikipedia has a great in-depth article on hash algorithms. It is definitely worth reading.
Wikibooks, similarly, has
a good article on attacks on hash algorithms.
iamroot.tech
DNS lookup
DNS propagation check
Port scan + probeing
WHOIS / RDAP lookup
HTTP/S request tool
TLS/SSL certificate checkbeta
E-mail DNSBL blacklist check
Reverse DNS
CIDR calculatorbeta
ASN database lookupbeta
What is my IPv4 and IPv6?
GeoIP location
QR code generator
Color contrast checker
Color picker
Lorem ipsum generator
URL encode/decode
HTML encode/decode
BASE64 encode/decode
Hash calculator (CRC64 - MD5 - SHA - RIPEMD)
Password generator
World map, day/night + local timebeta
Signup using Google
Signup using Github