68 Chapter 3 ■ Cryptography
Understanding Hashing
Simply put, hashing is one-way encryption. It is a form of encryption that creates a
scrambled output that cannot be reversed, or at least cannot be reversed easily. The process of
hashing takes plaintext and transforms it into ciphertext, but does so in such a way that it
is not intended to be decrypted. The process outputs what is known as a hash, hash value,
or message digest.
Designed to be a one-way process, hashing is commonly used to validate the integrity of
information. A hash function generates a fixed-length value that is always the same length
no matter how large or small the data entering the process or algorithm is. The resulting
output, as we already discussed, is intended to be nonreversible or very nearly impossible
to reverse. The fixed-length value is unique for every different input that enters the process.
Because of this unique property, hashes are used to detect the changes
that can happen in data of any type.
Hashing lets you easily detect changes in information: anything that is hashed and then
changed, even a small amount, will result in an entirely different hash from the original.
Hashed values are the result of information being compressed into the fixed-length value. A
one-way hash function is also sometimes referred to as a one-time cipher key, or a thumbprint.
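The two properties described above, fixed-length output and an entirely different hash after a small change, are shown here in an added example that is not from the book. It uses Python's standard hashlib module; the sample messages and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a message and a copy with one character changed.
ORIGINAL = b"Transfer $100 to account 12345"
TAMPERED = b"Transfer $900 to account 12345"


def digest(data: bytes, algorithm: str = "sha256") -> bytes:
    """Return the raw digest of data under the named hashlib algorithm."""
    return hashlib.new(algorithm, data).digest()


def bits_changed(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    if len(a) != len(b):
        raise ValueError("digests must be the same length")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def verify(data: bytes, expected_hex: str, algorithm: str = "sha256") -> bool:
    """Integrity check: recompute the hash and compare it with the recorded one."""
    actual = hashlib.new(algorithm, data).hexdigest()
    # compare_digest does not reveal how many leading characters matched.
    return hmac.compare_digest(actual, expected_hex.lower())


def report() -> list:
    """Per algorithm: (name, digest bits, bits flipped by the one-character edit)."""
    rows = []
    for name in ("md5", "sha1", "sha256"):
        d1, d2 = digest(ORIGINAL, name), digest(TAMPERED, name)
        rows.append((name, len(d1) * 8, bits_changed(d1, d2)))
    return rows


if __name__ == "__main__":
    recorded = digest(ORIGINAL).hex()  # stored while the data was known good
    print("unchanged verifies:", verify(ORIGINAL, recorded))
    print("tampered verifies: ", verify(TAMPERED, recorded))
    for name, size, flipped in report():
        print(f"{name:7} {size:3}-bit digest, {flipped} bits differ")
    # Digest length does not depend on input length.
    print(len(digest(b"")), len(digest(b"x" * 1_000_000)))
```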
The following is a list of hashing algorithms currently in use:
Message Digest 2 (MD2) A one-way hash function used in the privacy-enhanced mail
(PEM) protocols along with MD5.
Message Digest 4 (MD4) A one-way hash function used for PGP and other systems. MD4
has been replaced by MD5 in most cases.
Message Digest 5 (MD5) An improved and redesigned version of MD4 that produces a
128-bit hash. MD5 is still extremely popular in many circles, but it is being phased out due
to weaknesses that have led to the system being vulnerable. In many cases, MD5 has been
replaced with SHA2.
Message Digest 6 (MD6) A hashing algorithm that was designed by Ron Rivest.
HAVAL A variable-length, one-way hash function and modification of MD5.
Whirlpool A hashing algorithm designed by the creators of AES.
Tiger A hash that is optimized for 64-bit processors but works well on other systems.
RIPE-MD A hashing algorithm commonly used in Europe.
Secure Hash Algorithm-0 (SHA-0) Used prior to SHA-1 and has since been replaced by
SHA-1.
Secure Hash Algorithm-1 (SHA-1) Another of the more commonly used hashing
algorithms. It has been broken.
Secure Hash Algorithm-2 (SHA-2) Designed to be an upgrade to SHA-1.