Hashing & Encryption in Cybersecurity

What is data and importance of data in digital world
In today's digital world, personal data is the most important and valuable asset: government data, medical data,
employment and education data, and so on. Anything relating to a person and their affairs is known as data. Today
everything is going online, whether online shopping, online banking, online education or working from home. A great
amount of data exists in digital form, stored in technologies such as cloud storage, big data platforms and server
infrastructure. With the growth of digitalization, the amount of digital data is increasing exponentially.
There is digital transformation in every sector: economic, social, educational, institutional, business and others. All
technologies are based on digital data, whether big data, Hadoop, artificial intelligence and machine learning,
robotics or cybersecurity. Any policy decision on data can have wide effects on society. So to maintain the integrity
of data it is important to keep it safe and secure, with proper authorization and authentication.
Risks Of Data Stealing
Data stealing is also known as a data breach. Data stealing is the act of stealing the digital data or information of an
individual in order to compromise their online privacy. Digital information includes financial information such as bank
account details and credit and debit card numbers, and personal information such as driving licence number, personal
address, employee number, and health and tax records that are stored on computers and on data storage such as servers
and cloud services. With the growth of digitalization there has been a huge increase in online fraud and data stealing. No
day passes without a cyber attack. Today almost every organization suffers from various types of cyber attacks, mostly
data breaches. But in today's world it is also important to keep pace with technology. The most appropriate step is to
make the organization's online security as strong as possible, whether computer security, network security or
cybersecurity. The most common flaw in any security setup is default, weak or unencrypted data, including passwords.
Businesses and organizations are often the targets of data breaches, and the victims of these breaches are their customers
and clients. A data breach mostly happens because a system has been compromised, i.e. some unauthorised person has
gained access to private information.
Common threats that can alter the state of data integrity include:
• Human error.
• Unintended transfer errors.
• Misconfigurations and security errors.
• Malware, insider threats, and cyberattacks.
• Compromised hardware.
Some of the most effective ways to reduce data integrity risks include:
• Promote a culture of integrity.
• Implement quality control measures.
• Create an audit trail.
• Develop process maps for all critical data.
• Eliminate known security vulnerabilities.
• Follow a software development lifecycle.
• Validate your computer systems.
Need of Cybersecurity
We live in a digital world. Our work, personal and social lives, and finances have all begun gravitating toward the world
of the internet, mobile computing, electronic media, and cloud and virtualization platforms. Unfortunately, this
widespread phenomenon makes us more vulnerable than ever to malicious attacks, invasions of privacy, fraud, and other
such unpleasantries. That is why cybersecurity is such a vital part of a secure and well-ordered digital world.
Cybersecurity keeps us safe from hackers, cyber criminals, and other agents of fraud. Cybercrimes have cost the world
$2 trillion so far in 2019, according to recent research. Cybersecurity Ventures predicted in 2017 that damages would hit
$6 trillion by 2021, prompting global spending of roughly $10 billion in cyber-security measures by 2027 to protect
against these catastrophic losses.
But it’s not just the big companies and organizations that get hit. Average, everyday consumers experience phishing
schemes, ransomware attacks, identity theft, data breaches, and financial losses. For instance, it takes just five minutes
to hack an internet-connected device, which includes your smartphone, smartwatch, on-board automobile computer,
smart television, and home control systems, according to a Netscout report.
This means the more we rely on the internet, the more we need good cybersecurity in all its forms.
The Different Forms of Cybersecurity Threats
When it comes to infiltrating your system, hackers have an entire toolbox worth of tricks at their disposal. For instance:
• Denial-of-service (DoS) Attacks
Hackers flood a network with requests to exhaust bandwidth. In many cases, DoS attacks are meant to be more
of a nuisance than anything else.
• Man-in-the-middle (MitM) Attack
This attack happens when hackers insert themselves into a two-party communication. Once they are in, they can
steal data.
• Phishing Attacks
Phishing uses fake emails and text messages to get people to give hackers access to private information. It is
one of the most common attacks, especially against the general public.
• Malware
This attack method is broken down into spyware, ransomware, worms, and viruses. Emails or downloads from
suspicious sites usually deliver these attacks.
• SQL Injection Attack
Hackers insert malicious code into a server that uses SQL, usually via a vulnerable website search box. Once
carried out successfully, the attack lets the hacker see information otherwise kept off-limits.
• Password Attack
Just what it sounds like. Hackers try to crack a password, usually a poorly chosen one, and gain network entry.
Cryptography
Cryptography is the study of secure communication techniques that allow only the sender and intended recipient of a
message to view its contents. The term is derived from the Greek word kryptos, which means hidden. It is closely
associated with encryption, which is the act of scrambling ordinary text into what is known as ciphertext and then back
again upon arrival. In addition, cryptography also covers the obfuscation of information in images using techniques
such as microdots or merging. Ancient Egyptians were known to use these methods in complex hieroglyphics, and
Roman Emperor Julius Caesar is credited with using one of the first modern ciphers. When transmitting electronic
data, the most common use of cryptography is to encrypt and decrypt email and other plain-text messages. The simplest
method uses the symmetric or "secret key" system. Here, data is encrypted using a secret key, and then both the encoded
message and the secret key are sent to the recipient for decryption. The problem? If the message is intercepted, a third
party has everything they need to decrypt and read the message. To address this issue, cryptologists devised the
asymmetric or "public key" system. In this case, every user has two keys: one public and one private. Senders request
the public key of their intended recipient, encrypt the message and send it along. When the message arrives, only the
recipient's private key will decode it, meaning theft is of no use without the corresponding private key.
History Of Cryptography
The earliest form of cryptography was the simple writing of a message, as most people could not read (New World,
2007). In fact, the very word cryptography comes from the Greek words kryptos and graphein, which mean hidden and
writing, respectively. Early cryptography was solely concerned with converting messages into unreadable groups of
figures to protect the message’s content during the time the message was being carried from one place to another. In the
modern era, cryptography has grown from basic message confidentiality to include some phases of message integrity
checking, sender/receiver identity authentication, and digital signatures, among other things.
The need to conceal messages has been with us since we moved out of caves, started living in groups and decided to
take this civilization idea seriously. As soon as there were different groups or tribes, the idea that we had to work against
each other surfaced and proliferated, along with rank violence, secrecy, and crowd manipulation. The earliest forms
of cryptography were found in the cradle of civilization, which comes as no surprise: the regions currently
encompassed by Egypt, Greece and Rome.
The Caesar Shift Cipher is an example of a monoalphabetic cipher. It is easy to see why this method of encryption is
simple to break. All a person has to do is go down the alphabet, aligning the start of the alphabet with each
succeeding letter. At each iteration, the message is decrypted to see if it makes sense. When it does appear as a readable
message, the code has been broken. Another way to break monoalphabetic ciphers is by the use of what is known as
frequency analysis, attributed to the Arabs circa 1000 C.E. (New World, 2007). This method utilizes the idea that certain
letters, in English the letter "e," for instance, are repeated more often than others. Armed with this knowledge, a person
could go over a message, look for the repeated use, or frequency of use, of a particular letter and try to substitute the
known frequently used letters.
The art and science of cryptography showed no major changes or advancements until the Middle Ages. By that time, all
of the western European governments were utilizing cryptography in one form or another. Keeping in touch with
ambassadors was the major use of cryptography. One Leon Battista Alberti was known as “The Father of Western
Cryptology,” most notably due to his development of polyalphabetic substitution. His method was to use two copper
disks that fit together. Each one of them had the alphabet inscribed on it. After every few words, the disks were rotated
to change the encryption logic, thereby limiting the use of frequency analysis to crack the cipher (Cohen, 1990).
Polyalphabetic substitution went through a variety of changes and is most notably attributed to Vigenere, although
Rubin claims that he in fact had nothing to do with its creation. Rubin further points out that the use of the cipher disks
continued in the Civil War, with the South using brass cipher disks, although the North regularly cracked the messages.
In modern times, the public key method of cryptography has seen wide adoption. The use of a common public key and a
private key held only by the sender is in use today as a form of asymmetric encryption; one of the uses of this method is
for the sender to use the private key to encrypt the message and then anyone who receives the message uses the public
key to decipher it. In this way, the receiver knows who the message had to come from.
This method makes up the backbone of the digital signature. Problems arise when communications between multiple
organizations require the use of many public keys and knowing when to use which one. No matter which method is
used, a combination of methods applied one after the other will give the best result. Perhaps it is itself coded in what
has already been written.
Hashing and its types
Hashing means using some function or algorithm to map object data to some representative integer value. This so-called
hash code (or simply hash) can then be used as a way to narrow down our search when looking for the item in the
map. Generally, these hash codes are used to generate an index at which the value is stored.
Hashing is designed to solve the problem of needing to efficiently find or store an item in a collection. For example, if
we have a list of 10,000 English words and we want to check whether a given word is in the list, it would be inefficient to
successively compare the word with all 10,000 items until we find a match. Even if the list of words is
lexicographically sorted, like in a dictionary, you will still need some time to find the word you are looking for. Hashing
is a technique to make things more efficient by effectively narrowing down the search at the outset.
Hash tables have to support three operations:
• insert (key, value)
• get (key)
• delete (key)
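To make the three operations concrete, here is an added example (not code from the article) of a minimal hash table using separate chaining: the hash code of the key is reduced modulo the number of buckets to get an index, colliding keys share a bucket, and the table doubles in size when it fills up. The word-list lookup at the end mirrors the 10,000-word scenario above with a small constructed list.

```python
# Added example: a minimal chained hash table with insert/get/delete. Not from the article.


class HashTable:
    def __init__(self, capacity=8):
        self.capacity = capacity
        self.size = 0
        self.buckets = [[] for _ in range(capacity)]

    def _index(self, key):
        # Python's built-in hash() gives the integer hash code; modulo turns it into a bucket index.
        # Note: for str keys the hash is randomized per process (hash randomization), which is
        # deliberate: it stops an attacker from crafting many keys that collide into one bucket.
        return hash(key) % self.capacity

    def insert(self, key, value):
        bucket = self.buckets[self._index(key)]
        for i, (k, _) in enumerate(bucket):
            if k == key:
                bucket[i] = (key, value)  # overwrite an existing key
                return
        bucket.append((key, value))
        self.size += 1
        if self.size > 0.75 * self.capacity:  # keep chains short
            self._resize()

    def get(self, key):
        for k, v in self.buckets[self._index(key)]:
            if k == key:
                return v
        raise KeyError(key)

    def delete(self, key):
        bucket = self.buckets[self._index(key)]
        for i, (k, _) in enumerate(bucket):
            if k == key:
                del bucket[i]
                self.size -= 1
                return
        raise KeyError(key)

    def __contains__(self, key):
        try:
            self.get(key)
            return True
        except KeyError:
            return False

    def _resize(self):
        # Rehash every entry into a table twice as large; bucket indexes change with capacity.
        old = self.buckets
        self.capacity *= 2
        self.buckets = [[] for _ in range(self.capacity)]
        self.size = 0
        for bucket in old:
            for k, v in bucket:
                self.insert(k, v)


def build_word_table(words):
    """Index a word list so membership checks no longer scan the whole list."""
    table = HashTable()
    for w in words:
        table.insert(w, True)
    return table


if __name__ == "__main__":
    # Constructed word list standing in for the 10,000-word dictionary in the text.
    words = ["apple", "banana", "cherry", "date", "elder", "fig", "grape", "honeydew", "kiwi"]
    t = build_word_table(words)
    print("grape" in t, "mango" in t)
```

The lookup cost is proportional to the chain length, not the table size, which is why the average case is constant time. The hash randomization noted in the comment is itself a security control: without it, a table keyed on attacker-supplied strings (HTTP parameter names, for instance) can be driven into one long chain and turned into a denial of service.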
Types of Hashing
• RipeMD
• Tiger
• xxhash
• MD5
• SHA-1
• SHA-2
• CRC32
• LANMAN
• NTLM
• NIST
• HMAC SHA1
• AES
• DES
Some Important and Most used Hashing Types:
SHA-1:-
SHA-1 or Secure Hash Algorithm 1 is a cryptographic hash function which takes an input and produces a 160-bit (20-
byte) hash value. This hash value is known as a message digest. This message digest is usually then rendered as a
hexadecimal number which is 40 digits long. It is a U.S. Federal Information Processing Standard and was designed by
the United States National Security Agency.
SHA-2:-
SHA-2 (Secure Hash Algorithm 2) is the next version of SHA-1, i.e., more reliable, more secure and stronger.
CRC-32:-
It is a 32-bit cyclic redundancy code, a very commonly used hash function. There is a CRC32 "checksum" on every
Internet packet; if the network flips a bit, the checksum will fail and the system will drop the packet. CRC32 is widely
used because it has nice spreading properties and you can compute it quickly. By convention the output value of a CRC
is called a "checksum", and the output value of a hash function is called a "digest". CRCs are a type of error-detecting
code used to implement checksums.
HMAC SHA-1:-
HMAC(SHA-1) is an algorithm for Hash computation that also accepts a key as input value. The algorithm follows
certain rules and guarantees a certain level of security and resilience against attacks. HMAC can provide message
authentication using a shared secret instead of using digital signatures with asymmetric cryptography. It trades off the
need for a complex public key infrastructure by delegating the key exchange to the communicating parties, who are
responsible for establishing and using a trusted channel to agree on the key prior to communication.
MD5:-
The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and
returns as output a fixed-length digest value to be used for authenticating the original message.
Message Digest Algorithm 5 (MD5) is a cryptographic hash algorithm that can be used to create a 128-bit value
from a string of arbitrary length. Although weaknesses have been identified in MD5, it is still widely used. MD5 is
most commonly used to verify the integrity of files.
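The digest sizes quoted above (160 bits for SHA-1, 128 for MD5, 32 for CRC32, and the SHA-2 family) and the difference between an unkeyed digest and an HMAC can be checked directly. The block below is an added example, not code from the article, using only the Python standard library; the key, message and "tampered" copy are constructed for the demonstration. It shows three things: every algorithm notices a single flipped bit; anyone who can alter the data can also recompute a plain digest, so a bare hash only detects accidental corruption; and an HMAC tag cannot be recomputed without the shared key, which is what gives message authentication.

```python
# Added example: digest sizes, bit-flip detection, and keyed vs unkeyed integrity. Not from the article.
import hashlib
import hmac
import zlib


def digests(data: bytes) -> dict:
    """Hex digests for the algorithms listed in the text, with their lengths in hex characters."""
    return {
        "md5": hashlib.md5(data).hexdigest(),         # 128 bits -> 32 hex characters
        "sha1": hashlib.sha1(data).hexdigest(),       # 160 bits -> 40 hex characters
        "sha256": hashlib.sha256(data).hexdigest(),   # SHA-2 member, 256 bits -> 64 hex characters
        "crc32": format(zlib.crc32(data) & 0xFFFFFFFF, "08x"),  # 32-bit checksum
    }


def flip_bit(data: bytes, bit: int) -> bytes:
    """Return a copy of data with one bit inverted, simulating corruption or tampering."""
    buf = bytearray(data)
    buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)


def verify_digest(data: bytes, expected_sha256_hex: str) -> bool:
    """Hash-based integrity check: recompute and compare against the previously recorded value."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), expected_sha256_hex)


def hmac_tag(key: bytes, msg: bytes) -> str:
    """HMAC-SHA1 tag over msg under a shared secret key."""
    return hmac.new(key, msg, hashlib.sha1).hexdigest()


def verify_hmac(key: bytes, msg: bytes, tag: str) -> bool:
    """Constant-time comparison so the check does not leak how many tag bytes matched."""
    return hmac.compare_digest(hmac_tag(key, msg), tag)


def tamper_and_recompute(data: bytes) -> dict:
    """What a tamperer can do to unkeyed digests: change the data and simply publish new digests."""
    altered = flip_bit(data, 3)
    return {"data": altered, "digests": digests(altered)}


if __name__ == "__main__":
    # Constructed inputs for the demonstration.
    key = b"constructed-shared-secret"
    msg = b"transfer 100 to account 42"

    for name, value in digests(msg).items():
        print(f"{name:7s} {len(value):2d} hex chars  {value}")

    # A flipped bit changes every digest, including the CRC.
    print(digests(flip_bit(msg, 0))["crc32"] != digests(msg)["crc32"])

    # Unkeyed digest: a tamperer replaces both data and digest, and the check still passes.
    forged = tamper_and_recompute(msg)
    print(verify_digest(forged["data"], forged["digests"]["sha256"]))  # True, which is the problem

    # Keyed tag: without the key, the altered message fails verification.
    tag = hmac_tag(key, msg)
    print(verify_hmac(key, msg, tag), verify_hmac(key, flip_bit(msg, 0), tag))
```

`hmac.compare_digest` is used in both verifiers instead of `==` so that a wrong tag takes the same time to reject regardless of where the first mismatching byte is. The `tamper_and_recompute` function is the practical point of the article's HMAC paragraph: a digest published next to a file proves nothing if the same party who can change the file can also change the digest.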
NIST:-
It is actually a policy on hashing algorithms. Randomized Hashing for Digital Signatures provides a recommendation for
randomizing the hash input messages prior to signature generation to strengthen the security of the digital signatures
being generated.
LANMAN:-
Also called the LM hash, this is a compromised password hashing function that was the primary hash that Microsoft LAN
Manager and Microsoft Windows versions prior to Windows Server NT used to store user passwords.
The LM hash uses the DES encryption method, creating an encryption key from the user's password and encrypting
a fixed string with it.
NTLM:-
The New Technology (NT) LAN Manager hash is the newer and more secure way of hashing passwords used by current
Windows operating systems. It first encodes the password as UTF-16-LE and then hashes it with the MD4 hashing
algorithm. The password can still be recovered from the hash through brute-force or dictionary attacks.
AES:-
It is actually an encryption algorithm, and the most advanced entry in the list above (more than just hashing). The AES
algorithm (also known as the Rijndael algorithm) is a symmetric block cipher that takes plaintext in blocks
of 128 bits and converts them to ciphertext using keys of 128, 192 or 256 bits. Since the AES algorithm is considered
secure, it is a worldwide standard.
DES:-
It is also a data encryption algorithm, and it is governed by NIST policy. The DES (Data Encryption Standard) algorithm
is a symmetric-key block cipher, developed by an IBM team and adopted by the National Institute of Standards and
Technology (NIST). The algorithm takes the plaintext in 64-bit blocks and converts them into ciphertext using 48-bit keys.
Hashing Passwords
Password hashing is used to verify the integrity of your password, sent during login, against the stored hash so that your
actual password never has to be stored. Not all cryptographic algorithms are suitable for the modern industry.
Verifying Integrity
Hash-based verification ensures that a file has not been corrupted by comparing the file's hash value
to a previously calculated value. If these values match, the file is presumed to be unmodified.
It is done by using a digital signature. Basically, a digital signature is a file, generated at build time,
that ensures the integrity of the application. If there is any modification to the source code of the
application, the newly generated signature will differ from the original one, which shows that the file or
application is unauthorized and may contain malware, spyware or ransomware.
Salting (Hashing with Salt)
A cryptographic salt is made up of random bits added to each password instance before it is hashed. Salts create unique
hashes even when two users choose the same password. Salts help us mitigate hash table attacks by
forcing attackers to recompute the tables using the salt of each user.
A salted secure hash algorithm helps protect password hashes against dictionary attacks by introducing additional
randomness. … The goal of salting is to defend against dictionary attacks or attacks on hashed passwords using a
rainbow table.
Using ten different salts increases the security of hashed passwords by increasing the computational power required to
generate lookup tables by a factor of ten. If the salt is stored separately from the password, it also makes it challenging for
an attacker to reverse engineer a password.
A salt is used to add additional random bits to the password to make certain attacks less efficient. So the more entropy
the salt adds, the better. Currently, PKCS #5 recommends a salt length of at least 64 bits of entropy, the often
recommended bcrypt uses 128 bits, and you could even use more.
Difference Between Hashing, Encryption and Salting
• Encryption is a two-way function where information is scrambled in such a way that it can be unscrambled
later.
• Hashing is a one-way function where data is mapped to a fixed-length value. Hashing is primarily used for
authentication.
• Salting is an additional step during hashing, typically seen in association with hashed passwords, that adds an
additional value to the password and so changes the hash value produced.
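The password-hashing and salting sections above can be demonstrated end to end. The following added example (not from the article) uses PBKDF2-HMAC-SHA256 from the Python standard library with a 128-bit random salt per user, the salt length the text mentions for bcrypt; the iteration count, the storage format and the sample passwords are assumptions made for this example. The `unsalted_sha256` function is included only to show the weakness salting removes: two users with the same password get the same unsalted hash, which is exactly what a precomputed lookup table exploits.

```python
# Added example: salted, iterated password hashing with PBKDF2. Not from the article.
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for illustration; raise it as hardware gets faster
SALT_BYTES = 16       # 128-bit salt, the size the text quotes for bcrypt


def unsalted_sha256(password: str) -> str:
    """The weak approach: a plain digest, identical for every user with the same password."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: bytes = None, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record 'pbkdf2_sha256$iterations$salt_hex$hash_hex' for storage.

    The salt is stored alongside the hash: it does not need to be secret, only unique per user,
    because its job is to make precomputed tables useless, not to act as a second password.
    """
    if salt is None:
        salt = secrets.token_bytes(SALT_BYTES)  # CSPRNG, never random.random()
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${derived.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in constant time."""
    try:
        algo, iterations, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(derived.hex(), hash_hex)


def same_password_demo(password: str, iterations: int = ITERATIONS) -> dict:
    """Two users pick the same password: unsalted hashes collide, salted records do not."""
    return {
        "unsalted_equal": unsalted_sha256(password) == unsalted_sha256(password),
        "salted_equal": hash_password(password, iterations=iterations)
                        == hash_password(password, iterations=iterations),
    }


if __name__ == "__main__":
    # Constructed sample credentials.
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("Tr0ub4dor&3", record))                   # False
    print(same_password_demo("correct horse battery staple"))
```

Note that the stored record carries its own iteration count, so the work factor can be raised later and old records re-hashed on the user's next successful login without breaking verification. The iteration count is what makes each guess expensive for an attacker who has the database; the salt is what stops that cost from being paid once and reused across all users.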
Quick Summary and Conclusion
In this article we learnt about:
• Data and its importance
• Risks of data stealing
• Need of cybersecurity
• Cryptography and its history
• Hashing and types of hashing
• Password hashing
• Verifying integrity
• Encryption
• Salting (hashing with salt)
Conclusion:- So far we have seen what hashing is; the next question is why it exists. It exists to make communication,
or let us say information in general, more secure against a man in the middle (MITM), and to ensure the integrity and
confidentiality of the message. That makes it much more difficult for any attacker to reveal the actual information.
That's all for this article, hope you like it.
THANK YOU