Investigating Hashing Algorithms
VerifiedAdded on 2022/12/20
|7
|1630
|80
AI Summary
This document provides an overview of hashing algorithms, specifically focusing on the SHA-3 algorithm. It explains what a hashing algorithm is, describes the characteristics and requirements of SHA-3, and compares it to SHA-1 and SHA-2. The document also discusses the use of hashing algorithms in digital forensics investigations.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Hashing Algorithms
Student’s name
Institution Affiliation(s)
Student’s name
Institution Affiliation(s)
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Task 1: Investigating Hashing Algorithms
1. Explain briefly what is a hashing algorithm?
A hashing algorithm is a cryptographic hash function that is used to map data for example
plain text of any size to a hash value that is pre-specified. Hash functions have been designed
to be used one way, that is, convert the plain text using a hashing algorithm to a hash value.
However, with time encryption experts have found ways to compromise various hashing
algorithms and now some functions can be easily inverted (Faget, 2018).
The hashing algorithm is highly applied in information technology for password storage,
file verification systems, message authentication codes and digital signatures among other
types of authentications. Where hash tables, hashing algorithms can be used for indexing
data. In this regard hashing algorithms become useful in identifying files, fingerprinting or
detecting duplicates. Hashing algorithm work under the basic idea of taking a single input
and generating a fixed length of string every time hashing algorithm is run as shown below.
One major issue that happens while using hashing algorithms is the certainty of
conditions. This occurs due to the fact that hash values represent a specific fixed number of
strings meaning that for every input available or imaginable there are other possible inputs
that can generate the same hash value (Nasr, Hirschberg, & Baldi, 2010).
Figure 1: How the hashing algorithm works (Source: (Faget, 2018)
1. Explain briefly what is a hashing algorithm?
A hashing algorithm is a cryptographic hash function that is used to map data for example
plain text of any size to a hash value that is pre-specified. Hash functions have been designed
to be used one way, that is, convert the plain text using a hashing algorithm to a hash value.
However, with time encryption experts have found ways to compromise various hashing
algorithms and now some functions can be easily inverted (Faget, 2018).
The hashing algorithm is highly applied in information technology for password storage,
file verification systems, message authentication codes and digital signatures among other
types of authentications. Where hash tables, hashing algorithms can be used for indexing
data. In this regard hashing algorithms become useful in identifying files, fingerprinting or
detecting duplicates. Hashing algorithm work under the basic idea of taking a single input
and generating a fixed length of string every time hashing algorithm is run as shown below.
One major issue that happens while using hashing algorithms is the certainty of
conditions. This occurs due to the fact that hash values represent a specific fixed number of
strings meaning that for every input available or imaginable there are other possible inputs
that can generate the same hash value (Nasr, Hirschberg, & Baldi, 2010).
Figure 1: How the hashing algorithm works (Source: (Faget, 2018)
2. Investigate about SHA-3 algorithm, describe its characteristics and
requirements.
Secure Hash Algorithm 3 is commonly referred to as SHA-3 and is the latest algorithm
that belongs to the family of algorithms called Keccak and officially became a standard in
August 2015. SHA-3 is distinct in it's internal and works through a mechanism called sponge
construction. Sponge construction utilizes random permutations to absorb and output data
(squeeze) while at the same time serving as the randomizing future that is integrated into the
hashing algorithms. The message blocks while being absorbed are XORed into a subset of a
given state and then later changed into a single element. SHA-3 algorithm allows for
overcoming the limitations of the preceding algorithms in the SHA-family group as it
provides a great deal of flexibility (Jia et al., 2018).
The internal state of SHA-3 contains additional bits of information making it more secure
as it can have more output thereby preventing the length extension based attacks that the
preceding SHA-family are susceptible to. For some SHA-3 algorithms instances, there is no
particular need for additional block functions during the squeezing stage; the leading bits of
the state are the desired hash values. However, there are some SHA-3 algorithms that allow
outputs that have an arbitrary length and are useful in systems such as optimal asymmetric
padding (Ghosh et al., 2015).
requirements.
Secure Hash Algorithm 3 is commonly referred to as SHA-3 and is the latest algorithm
that belongs to the family of algorithms called Keccak and officially became a standard in
August 2015. SHA-3 is distinct in it's internal and works through a mechanism called sponge
construction. Sponge construction utilizes random permutations to absorb and output data
(squeeze) while at the same time serving as the randomizing future that is integrated into the
hashing algorithms. The message blocks while being absorbed are XORed into a subset of a
given state and then later changed into a single element. SHA-3 algorithm allows for
overcoming the limitations of the preceding algorithms in the SHA-family group as it
provides a great deal of flexibility (Jia et al., 2018).
The internal state of SHA-3 contains additional bits of information making it more secure
as it can have more output thereby preventing the length extension based attacks that the
preceding SHA-family are susceptible to. For some SHA-3 algorithms instances, there is no
particular need for additional block functions during the squeezing stage; the leading bits of
the state are the desired hash values. However, there are some SHA-3 algorithms that allow
outputs that have an arbitrary length and are useful in systems such as optimal asymmetric
padding (Ghosh et al., 2015).
3. How does SHA-3 compare to SHA-1 and SHA-2? Provide your answer in the
form of a comparison table. (4 marks)
Algorithms \
Features
SHA-1 SHA-2 SHA-3
Description This is a hash
function which
resembles the
earlier MD5
algorithm and
was designed
by NSA.
However, some
security issues
were discovered
and it was no
longer
supported after
2010.
It contains two similar
hashing functions that
differ in word size and
block size (Rachmawati,
Tarigan, & Ginting,
2018). Also, there exists a
truncated version of each
of the two hash functions.
SHA-2 was designed by
the NSA.
Secure Hash Algorithm 3 is
commonly referred to as
SHA-3 and is the latest
algorithm that belongs to
the family of algorithms
called Keccak. SHA-3 is
distinct in it's internal and
works through a
mechanism called sponge
construction (Rachmawati
et al., 2018).
First
published
1995 2001 2015
Output size 160 bits 224,256,384 and 512 bits 224,256,384 and 512 and
d(arbitrary) bits
Internal state
size
160, (5 × 32)
bits
256, (8 × 32) and 512,
(8 × 64) bits
1600, (5 × 5 × 64) bits
Rounds 80 64, 80 24
Operations And, Xor, Rot,
Add (mod 232),
Or, Shr
And, Xor, Rot, Add (mod
232), Add (mod 264), Or,
Shr
And, Xor, Rot, Not
Block size 512 512, 1024 1152,1088, 832, 576 and
1344
Security
against
collision
attacks (bits)
<63 (collisions
found)
112, 128, 192 and 256 112, 128, 192, 256,
min(d/2, 128) and min(d/2,
256)
Capacity
against length
extension
attacks
0 0, 32, 256, 288 and
128(≤384)
256, 448, 512, 768 and
1024
form of a comparison table. (4 marks)
Algorithms \
Features
SHA-1 SHA-2 SHA-3
Description This is a hash
function which
resembles the
earlier MD5
algorithm and
was designed
by NSA.
However, some
security issues
were discovered
and it was no
longer
supported after
2010.
It contains two similar
hashing functions that
differ in word size and
block size (Rachmawati,
Tarigan, & Ginting,
2018). Also, there exists a
truncated version of each
of the two hash functions.
SHA-2 was designed by
the NSA.
Secure Hash Algorithm 3 is
commonly referred to as
SHA-3 and is the latest
algorithm that belongs to
the family of algorithms
called Keccak. SHA-3 is
distinct in it's internal and
works through a
mechanism called sponge
construction (Rachmawati
et al., 2018).
First
published
1995 2001 2015
Output size 160 bits 224,256,384 and 512 bits 224,256,384 and 512 and
d(arbitrary) bits
Internal state
size
160, (5 × 32)
bits
256, (8 × 32) and 512,
(8 × 64) bits
1600, (5 × 5 × 64) bits
Rounds 80 64, 80 24
Operations And, Xor, Rot,
Add (mod 232),
Or, Shr
And, Xor, Rot, Add (mod
232), Add (mod 264), Or,
Shr
And, Xor, Rot, Not
Block size 512 512, 1024 1152,1088, 832, 576 and
1344
Security
against
collision
attacks (bits)
<63 (collisions
found)
112, 128, 192 and 256 112, 128, 192, 256,
min(d/2, 128) and min(d/2,
256)
Capacity
against length
extension
attacks
0 0, 32, 256, 288 and
128(≤384)
256, 448, 512, 768 and
1024
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Task 3: Research Project
The general procedure for conducting an investigation is by defining the goals, coming up
with a scope, the materials needed and the task performed during the investigation. Firstly,
you have to determine to which category the investigation belongs to, that is, the category of
potential fraud for instance;
a) Is it criminal - that is limited data defined through a search warrant?
b) Is it civil - this is limited to court orders for discovery?
c) Is it corporate this expands the findings as much as possible until company policies
are violated resulting in scope creep?
Conducting an investigation is a tiresome process that requires enough time that is
flexible to accommodate more scope, be able to extract the data, follow the necessary
procedures of analyzing the data and presenting this analysis to the relevant authorities for
decision making based on the outcomes on the investigation. If the investigation is internal,
then this becomes much easier as access to supporting documents and evidence is readily
available. However, in an external investigation, there might arise issues like permission or
periodic auto removal of possible evidence (Zhang & Wang, 2012).
When conducting a digital forensics investigation, one has to follow explicit steps of
data validation using hashing algorithms like MD5 and SHA-1. These algorithms help in
exploring all the files and directories under the root folder; they help in the recovery of
password protected files, they also help in the removal of malware as well as helping in
maintaining all the evidence and findings through proper forensic examinations (Rachmawati
et al., 2018).
Validating data when conducting a digital forensic investigation is a critical step as it
ensures the integrity of the evidence collected for presenting to the court of the relevant
authorities. Although most computer forensic tools provide automated hashing of image files,
there are some known limitations in performing this hashing and for my investigation, I
The general procedure for conducting an investigation is by defining the goals, coming up
with a scope, the materials needed and the task performed during the investigation. Firstly,
you have to determine to which category the investigation belongs to, that is, the category of
potential fraud for instance;
a) Is it criminal - that is limited data defined through a search warrant?
b) Is it civil - this is limited to court orders for discovery?
c) Is it corporate this expands the findings as much as possible until company policies
are violated resulting in scope creep?
Conducting an investigation is a tiresome process that requires enough time that is
flexible to accommodate more scope, be able to extract the data, follow the necessary
procedures of analyzing the data and presenting this analysis to the relevant authorities for
decision making based on the outcomes on the investigation. If the investigation is internal,
then this becomes much easier as access to supporting documents and evidence is readily
available. However, in an external investigation, there might arise issues like permission or
periodic auto removal of possible evidence (Zhang & Wang, 2012).
When conducting a digital forensics investigation, one has to follow explicit steps of
data validation using hashing algorithms like MD5 and SHA-1. These algorithms help in
exploring all the files and directories under the root folder; they help in the recovery of
password protected files, they also help in the removal of malware as well as helping in
maintaining all the evidence and findings through proper forensic examinations (Rachmawati
et al., 2018).
Validating data when conducting a digital forensic investigation is a critical step as it
ensures the integrity of the evidence collected for presenting to the court of the relevant
authorities. Although most computer forensic tools provide automated hashing of image files,
there are some known limitations in performing this hashing and for my investigation, I
would prefer an advanced hexadecimal editor to work with hash values to discriminate the
data. When conducting the investigation, I would use the hash values and the Known File
Filter (KFF) to find the program files from view such as MS Excel and MS Word and then
from there determine the illegal files. KFF compares the known hash values to files that are
on the evidence hard drive of the extracted image files. It also updates itself of any known file
hash values (Ali et al., 2017).
data. When conducting the investigation, I would use the hash values and the Known File
Filter (KFF) to find the program files from view such as MS Excel and MS Word and then
from there determine the illegal files. KFF compares the known hash values to files that are
on the evidence hard drive of the extracted image files. It also updates itself of any known file
hash values (Ali et al., 2017).
References
Ali, A., Razak, S. A., Othman, S. H., Mohammed, A., & Saeed, F. (2017). A metamodel for
mobile forensics investigation domain. PLOS ONE, 12(4), e0176223.
https://doi.org/10.1371/journal.pone.0176223
Faget, A. (2018, October 29). How Does a Hashing Algorithm Work? Retrieved April 30,
2019, from Coindoo website: https://coindoo.com/how-does-a-hashing-algorithm-
work/
Ghosh, R., Verma, S., Kumar, R., Kumar, S., & Ram, S. (2015). Design of Hash Algorithm
Using Latin Square. Procedia Computer Science, 46, 759–765.
https://doi.org/10.1016/j.procs.2015.02.144
Jia, C. J., Wang, Y., Mendl, C. B., Moritz, B., & Devereaux, T. P. (2018). Paradeisos: A
perfect hashing algorithm for many-body eigenvalue problems. Computer Physics
Communications, 224, 81–89. https://doi.org/10.1016/j.cpc.2017.11.011
Nasr, R., Hirschberg, D. S., & Baldi, P. (2010). Hashing Algorithms and Data Structures for
Rapid Searches of Fingerprint Vectors. Journal of Chemical Information and
Modeling, 50(8), 1358–1368. https://doi.org/10.1021/ci100132g
Rachmawati, D., Tarigan, J. T., & Ginting, A. B. C. (2018). A comparative study of Message
Digest 5(MD5) and SHA256 algorithm. Journal of Physics: Conference Series, 978,
012116. https://doi.org/10.1088/1742-6596/978/1/012116
Zhang, J., & Wang, L. (2012). An integrated open forensic environment for digital evidence
investigation. Wuhan University Journal of Natural Sciences, 17(6), 511–515.
https://doi.org/10.1007/s11859-012-0879-3
Ali, A., Razak, S. A., Othman, S. H., Mohammed, A., & Saeed, F. (2017). A metamodel for
mobile forensics investigation domain. PLOS ONE, 12(4), e0176223.
https://doi.org/10.1371/journal.pone.0176223
Faget, A. (2018, October 29). How Does a Hashing Algorithm Work? Retrieved April 30,
2019, from Coindoo website: https://coindoo.com/how-does-a-hashing-algorithm-
work/
Ghosh, R., Verma, S., Kumar, R., Kumar, S., & Ram, S. (2015). Design of Hash Algorithm
Using Latin Square. Procedia Computer Science, 46, 759–765.
https://doi.org/10.1016/j.procs.2015.02.144
Jia, C. J., Wang, Y., Mendl, C. B., Moritz, B., & Devereaux, T. P. (2018). Paradeisos: A
perfect hashing algorithm for many-body eigenvalue problems. Computer Physics
Communications, 224, 81–89. https://doi.org/10.1016/j.cpc.2017.11.011
Nasr, R., Hirschberg, D. S., & Baldi, P. (2010). Hashing Algorithms and Data Structures for
Rapid Searches of Fingerprint Vectors. Journal of Chemical Information and
Modeling, 50(8), 1358–1368. https://doi.org/10.1021/ci100132g
Rachmawati, D., Tarigan, J. T., & Ginting, A. B. C. (2018). A comparative study of Message
Digest 5(MD5) and SHA256 algorithm. Journal of Physics: Conference Series, 978,
012116. https://doi.org/10.1088/1742-6596/978/1/012116
Zhang, J., & Wang, L. (2012). An integrated open forensic environment for digital evidence
investigation. Wuhan University Journal of Natural Sciences, 17(6), 511–515.
https://doi.org/10.1007/s11859-012-0879-3
1 out of 7
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.