Covid-19 Update: We've taken precautionary measures to enable all staff to work away from the office. These changes have already rolled out with no interruptions, and will allow us to continue offering the same great service at your busiest time in the year.

Encryption and Hashing Algorithms: Tools and Commands

1717 words (7 pages) Essay in Information Systems

18/05/20 Information Systems Reference this

Disclaimer: This work has been submitted by a student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.

To understand what a hash is we need to understand how it works and the various types that are available. Hashes are a string of characters that are created through a cryptographic algorithm. The hash is a fixed length depending on the type selected regardless of the input data (Hoffman, 2018). The hash is like a fingerprint that when assigned to the data it creates a uniquely set of charterers that identifies it just like a fingerprint. There are various types of hashes available to use depending what you are using it for. The most common type of hash used is MD5, SHA-256 and CRC32. These can be used in a variety of ways but the mainly get used for integrity checks of files.

There is no true way to identify a hash by looking at it you can look at the length of the hash and it could help you pick from a small list of algorithms used but there are variants of the same type with the same fixed length so from a technical point of view there is no way to identify a hash. MD5 is a wildly used algorithm used to check data to make sure it is identical from the raw data and would not be used in an advance encryption application.  MD5 hashes are 128-bit in length and are normally shown in 32-bit hexadecimal value there are different variants of message digest (MD) the more common one used today is MD5 but there are also MD4 and MD2 (Fisher, 2019).  MD5 is fast and small but because of the speed of MD5 it is weak against brute force attacks since so many attacks can be performed in a second the attacker has a good chance to get the password. Secure Hashing Algorithm or SHA was developed by the National Security Agency (NSA) the most common used today are SHA-1 and SHA-256 which use 160 and 256-bit hashes. SHA-256 has become the standard for digital signatures because of the larger bit hash security is provided with the more possible combinations. It’s also important to note that larger bit length does not mean more secure hashes it’s the construction of the algorithm that plays a major hand in the security (Lynch, 2018). Finally, cyclic redundancy check (CRC) is mainly used for error-detecting and will detect changes to the data. CRC32 is used as well for file integrity checks but not for any type of security related data (Tyson, 2001).

identifying a tool that can integrate with Linux and Windows, so desktop users are able to verify hash values

There are tools online that can help identify what type of hash is being used by checking the different type of checksums. Most of these tools will give you a idea on what type of algorithm is being used but may not tell you which variant of that type. On Windows and Linux, you can enter commands in to verify the hash and check it with the checksum to verify the file. With Windows you can go to the command prompt and use a built-in function called CertUtil that will display the hash. Linux also has a built feature similar to Windows by typing in for example md5sum (filename) will provide the hash in which you can verify the hash. A good tool for Windows is MD5 & SHA Checksum Utility which from its name is a tool that will all you to generate hashes as well as verify hashes (Fox, 2017). Another tool that is helpful for Windows is HashTab which integrates into Windows file Explorer in which you can calculate various hash values without requiring a separate application running (Implbits, 2017). For Linux GtkHash is an application that allows user to calculate checksums which then can verify the integrity of file and generate hash. There are numerous websites that are made available free to check files to verify the checksum and generate hash. A few sites such as Onlinemd5.com, Md5file.com, and toolsley.com provide these abilities in browser and your information is not stored on their servers. Online tools should only be used for validation, if for calculating a password do it locally just as a precaution.

Elliptic Curve Digital Signature Algorithm (ECDSA) and Rivest Shamir Adleman (RSA) are public key cryptographic algorithms that provide authentication. When looking at the key difference between the two is the key sizes. With RSA a common public key can be 2048-bits providing a security level of 112-bit. ECDSA would only require 224-bit public key and provide the same 112-bit security. The difference here is with ECDSA would require less bandwidth for SSL/TSL making it more efficient over RSA (Naziridis, 2018). Speed is also a advantage that ECDSA has over RSA dealing with key generations and signatures generations, while RSA would do better with signature verification. Below are tables showing the key length and the time required for the various sizes.

Key Generation

Key Length (bits)

Time (secs)

ECC

RSA

ECC

RSA

163

1024

0.08

0.16

233

2240

0.18

7.47

283

3072

0.27

9.80

409

7680

0.64

133.90

571

15360

1.44

679.06

Table I

Signature Generation

Key Length (bits)

Time (secs)

ECC

RSA

ECC

RSA

163

1024

0.15

0.01

233

2240

0.34

0.15

283

3072

0.59

0.21

409

7680

1.18

1.53

571

15360

3.07

9.20

Table II

Signature Verification

Key Length (bits)

Time (secs)

ECC

RSA

ECC

RSA

163

1024

0.23

0.01

233

2240

0.51

0.01

283

3072

0.86

0.01

409

7680

1.80

0.01

571

15360

4.53

0.03

Table III

RSA is used in eCommerce sites helping with securing communications between them and web browsers. RSA would use the SSL and create public and private keys which allows secure connections on both sides of the communications (Bhowmick, 2017). ECDSA is known for its use with Bitcoin, and how its security relies on the algorithm. Bitcoin uses the digital signature bases on the elliptic curve that helps prove Bitcoin ownership and sign. This works by having a signature generated by signing the hash of the transaction. The signature and the key would prove the transaction is created by the owner of the Bitcoin address (Wang, 2014).

References

  • Bhowmick, S. (2017). What is the Role of RSA in Ecommerce. Retrieved July 14, 2019, from https://www.appseconnect.com/what-is-the-role-of-rsa-in-ecommerce/
  • Chung, C. (n.d.). Introduction to Hashing and its uses. Retrieved July 13, 2019, from https://www.2brightsparks.com/resources/articles/introduction-to-hashing-and-its-uses.html
  • Fisher, T. (2019). What Is the MD5 Hash Function, and Is It Secure? Retrieved July 13, 2019, from https://www.lifewire.com/what-is-md5-2625937
  • Fox, A. (2017). How to Verify MD5, SHA-1, and SHA-256 Checksum in Windows 10. Retrieved July 13, 2019, from https://www.maketecheasier.com/verify-md5-sha-1-sha-256-checksum-windows10/
  • Hoffman, C. (2018, August 24). What Are MD5, SHA-1, and SHA-256 Hashes, and How Do I Check Them? Retrieved July 13, 2019, from https://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
  • Implbits. (2017). Hashtab. Retrieved July 13, 2019, from http://implbits.com/products/hashtab/
  • Lynch, V. (2018, November 09). What is the Difference Between SHA-1, SHA-2 and SHA-256? Retrieved July 13, 2019, from https://www.thesslstore.com/blog/difference-sha-1-sha-2-sha-256-hash-algorithms/
  • Naziridis, N. (2018). Comparing ECDSA vs RSA. Retrieved July 14, 2019, from https://www.ssl.com/article/comparing-ecdsa-vs-rsa/
  • Tyson, J. (2001, April 06). How Encryption Works. Retrieved July 13, 2019, from https://computer.howstuffworks.com/encryption7.htm
  • Wang, D. (september 17, 2014). Secure Implementation of ECDSASignatures in Bitcoin (Unpublished master’s thesis). University College London. Retrieved July 14, 2019, from http://www.nicolascourtois.com/bitcoin/thesis_Di_Wang.pdf
  • What is Cryptographic Hashing? MD5, SHA, and More. (2014). Retrieved July 13, 2019, from https://tiptopsecurity.com/what-is-cryptographic-hashing-md5-sha-and-more/
  • Table I: Arrendondo, Brandon and Jansma, Nicholas. ”Performance Comparisonof Elliptic Curve and RSA Digital Signatures”, 2004. Web.http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.7139&rep=rep1&type=pdf
  • Table II: Arrendondo, Brandon and Jansma, Nicholas. ”Performance Comparisonof Elliptic Curve and RSA Digital Signatures”, 2004. Web.http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.7139&rep=rep1&type=pdf
  • Table III: Arrendondo, Brandon and Jansma, Nicholas. ”Performance Comparisonof Elliptic Curve and RSA Digital Signatures”, 2004. Web.http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.7139&rep=rep1&type=pdf
Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Find out more

Cite This Work

To export a reference to this article please select a referencing style below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please:

Related Lectures

Study for free with our range of university lectures!