But it is not what your eyes are seeing…
I am sure that you would remember that a hash function takes an entry, for example, a number, phrase, file or password and calculates a sequence from it, usually represented in hexadecimal format.
Examples of hash functions are: MD4, MD5, SHA1, SHA256, SHA512.
For the context of this post, I would focus only on MD5 Hash Algorithm and SHA only for a reference. Right!
MD5 Algorithm
MD5 Algorithms are useful because it is easier to compare and store these smaller hashes than to store a large text of variable length. It is a widely used algorithm for one way hashes that are used to verify without necessarily giving the original value. MD5 Algorithm is used by Unix systems to store the passwords of the user in a 128-bit encrypted format.
MD5 algorithms are widely used to check the integrity of the files also.
Moreover, it is very easy to generate a message digest of the original message using this algorithm. It can perform the message digest of a message having any number of bits, it is not limited to message in the multiples of 8, unlike MD5 sum which is limited to octets.
Moreover, it is quite slow then the optimized SHA algorithm. SHA is much secure than MD5 algorithm and moreover, it can be implemented in existing technology with exceeding rates, unlike MD5. Nowadays new hashing algorithms are coming up in the market keeping in mind higher security of data like SHA256 (which generates 256 bits signature of a text).
But from many years MD5 has been prone to hash collision weakness, i.e., it is possible to create the same hash function for two different inputs. MD5 provides no security over these collision attacks. It generates collision very easily, for example, the words SECRET and ESRCTE would generate the same Hash, what make a weak Hash Algorithmic.
The whole point of the 2-images shown here is that--
Nat McHugh at his blog post, shared that he used small changes in the bytes of the images (changes of 1 bit per pixel, which slightly changes the color, imperceptible to the human eye) to make these two images have the same MD5:
253dde4eB74g2e4fc3471de5e776bc3d
(ship. Jpg)
253dde4eB74g2e4fc3471de5e776bc3d
(plane. jpg )
What happened was MD5 Hash Collusion!
Here is the lesson:
Remember, Secure Hash Algorithm, which produces 160-bit message digest and has been designed by NSA to be a part of digital signature algorithm. Instead of MD5, SHA is now more acceptable in the cryptographic field for generating the hash function as it is not easy to produce SHA-I collision and till now no collision has been produced yet.
Thus, guys, try to use the advanced SHA algorithms whenever possible.
This Article Was Written & published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms.
34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook.
If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:
Click Here to follow her: Cybersecurity PRISM