Saturday, January 5, 2013

Today I am going to post about security. Many of people has a misconception about hashing and encryption. Not only that many cannot understand when to use hashing and when to use encryption. So here we will discuss differences of hashing and encryption.
HASHING
They provide a mapping between an arbitrary length input, and usually fixed or smaller length output. It can be anything like simple CRC32, to a full blown cryptographic hash function such as MD5 , SHA-1/SHA-2/SHA-256/SHA-512. A one-way mapping is carried out. It's always a many:one mapping (there will always be collisions) since every function produces a smaller output than it's capable of inputting.
The reason they are hard and practically impossible to reverse is because of their algorithms. Most hash functions iterate over the input many times to produce the output. At each fixed length input (which is algorithm dependent), the hash function will call it its current state. It will then iterate over this state and change to a new one and use the result as feedback (MD5 do this 64 times for each of 512bits of data). It then combines the resultant states from all the iterations back together to form the resultant hash of the input.
Now, if we want to decode the hash, you'd first need to figure out how to split the given hash into its iterated states. Then we need to reverse the iteration for each state. Now, to explain why this is VERY HARD, think of trying to deduce x and y from : x + y=10. There are 10 positive combinations of x and y that can work. Now iterate over that a number of times: tmp = x + y; x = y; y = tmp. For 64 iterations, we will have 10^64 possibilities. Real hash functions do a lot more than one operation (MD5 does 15 operations on 4 state variables). And since the next iteration depends on the state of the previous and the previous is destroyed in creating the current state, it's all but impossible to determine the input state that led to a given output state. Brute-force is a better choice than decoding if the length of input is known.

ENCRYPTION
They provide a 1:1 mapping between an arbitrary length input and and output  and are always reversible. It is always 1:1 for a given key. Now, there are multiple input:key pairs that might generate the same output. Good encrypted data is indistinguishable from random noise. This is different from a hash output which is always of a consistent format.

0 comments:

Post a Comment

Total Pageviews

Subscribe via Email

Followers


Popular Posts

About Me

My photo

I am a student of BTech Computer Science Engineering from RCCIIT,Kolkata. I am a crazy lover of Java and wants to settle as a Java developer. I have a seven years Java experience with an application developer experience for 2 years. Recently from March 2012 I am a registered S40 app developer for Nokia and has corrected an app of them. I am currently writing blogs to encourage and grow interest in all those who don't know or learning Java.