Hashing And Salting – The What And How

“irgvctxmsr” – sounds like gibberish, doesn’t it? But if you were to decrypt this string using a monoalphabetic shift cipher in which each letter has been shifted to the right by 4 positions, you would see that it spells “encryption”!

Protecting critical data and information by encrypting them was first performed by Julius Caesar in 120 BC. The art of encryption has been through several modern shifts, and currently most of the data on the internet is protected using sophisticated encryption algorithms like AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curve Cryptography) and PGP (Pretty Good Privacy).

Deciphering an encrypted message requires a key. Nowadays, messages are encrypted using public keys and decrypted using private keys. The private keys are shared privately between two trusted parties. Losing a private key can be disastrous, as encrypted messages can then be read by anybody with access to the private key.

Password Hashing

While encryption is a two-way function and is primarily done with the intention of being decrypted, password hashing is a one-way function. Hashing allows us to use a mapping function to map data of any size to a fixed length. The resultant output is called the hash value. Technically, hashing is reversible – however, the computing power required to get the original message makes it impossible for the original message to be decoded. Simply put, encryption protects the data in transit while hashing is used to authenticate the data and lets you know if it has been tampered with.

Here is how it works – consider that you have a digital document that you have digitally signed and uploaded to your website for another person to download. Now, you will run a hash function on the document and another one on your digital signature and encrypt the resulting hash values. Once a designated person downloads the document, the browser decrypts the hash values using a key and runs the same hash function on the document. If the resulting hash values are the same for the sender and receiver, it means the document and signature have not been tampered with.

Modern hashing algorithms include SHA (Security Hashing Algorithm), RIPEMD, WHIRLPOOL, and TIGER.

Salted Passwords

Salting is the process of adding an additional layer of security to the hashing process by adding a unique value to the end of the password and hashing the new password. By adding even one letter to your password and hashing it, you can change its hash value and make it harder for interceptors to find your password. For example, if your password is “V67gHD92”, you can add a unique character or string to the end of it and make it something like “V67gHD92SPICE”. Here, the word “SPICE” is called the salt.

Salting a password protects any data from brute force attacks in which bots attempt every possible combination of letters and numbers until the password is cracked. However, if the attacker knows your salt, the entire process of salting becomes worthless.
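The salting step described above, as an added example that is not part of the original article: the append-then-hash form with SHA-256 using the article's own password and salt, next to a per-user random salt fed into PBKDF2 from Python's standard library. The function names, the 16-byte salt length and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def append_and_hash(password: str, salt: str = "") -> str:
    """The article's form: put the salt at the end of the password, then hash."""
    return hashlib.sha256((password + salt).encode("utf-8")).hexdigest()


def hash_password(password: str) -> tuple[bytes, bytes]:
    """Create a stored record: a fresh random salt plus the derived hash."""
    salt = os.urandom(16)  # unique per user, never reused
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    pw = "V67gHD92"  # password and salt taken from the article's example
    print("unsalted:", append_and_hash(pw))
    print("salted  :", append_and_hash(pw, "SPICE"))

    # Two accounts that chose the same password (constructed scenario).
    salt_a, hash_a = hash_password(pw)
    salt_b, hash_b = hash_password(pw)
    print("same password, same stored hash?", hash_a == hash_b)
    print("correct password verifies:", verify_password(pw, salt_a, hash_a))
    print("wrong password verifies  :", verify_password("V67gHD93", salt_a, hash_a))
```

Because each record gets its own random salt, two accounts with the same password end up with different stored hashes, so one precomputed table cannot be reused across accounts.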

In this day and age where network and information protection requires meticulous planning and dedicated resources, we at CloudNow Technologies want to make things easy for you. Our network security solution Akku is designed to protect your network against sophisticated and high-level attacks. To know more about how we can help you protect your network, get in touch with us now.

Aravindh Ramachandran

Aravindh is the Chief Operating Officer at Akku, where he drives customer success and ensures world-class service delivery. With a sharp focus on outcomes and a passion for maximizing business value, he plays a central role in scaling Akku’s growth and strengthening customer relationships. Before Akku, Aravindh served as COO of CloudNow Technologies and Hornbill FX, and has held leadership roles at KrissCo, Incite Firebrand Consulting, and D&Z. He began his career in brand strategy and corporate communications, later expanding his expertise to operations, technology services, and consulting. His entrepreneurial journey, which started while still in college, has shaped his ability to guide companies through periods of transformation and exponential growth.
