Hashes As Hand Signatures
A hash is no more than an encryption algorithm that is intended to be
non-revertible - a one way encryption.
Just like Hand Signatures, its main function is to verify the authenticity
of the source or initiator of a particular transaction.
The strength of a hash algorithm lies in the certainty that the hashed data
cannot in be reversed to obtain the original data.
Properties of a Good Hash Algorithm
Any good hash algorithm is expected to possess the following characteristics:
-
Same input data must result in the same hash output every time
hashing is carried out - i.e., hashes must be unique .
This assertion still holds even if the hash is been salted and the salt happens to be changed though the equality may become technical. - A minute alteration in an input data should lead to a very large difference in the hash output.
-
Hashes may be made to be of fixed length or in a particular length range;
So that a hash of an input of say 5 characters will be the same as
that with 1005 characters.
I.e.,length(hash(character_length_5)) = length(hash(character_length_1005)).
Application of Hash Algorithms
If two parties intend to communicate securely with a Public Key -
Private Key set-up over the Internet, the only uncertainty they will face
will be who exactly is the author of a particular message, since a Public Key
is accessible to everybody and anybody on the Internet and files sent
over the Internet - or any other network for that matter - can be
intercepted (and changed - since the Public Key for encrypting messages is available to everyone)
by a suitably placed third party on the network.
This is where Hash Algorithms come into play.
Now since hashes should both be unique and non-revertible, the first party
produces a hash of his message first and encrypts this hash value using his
Private Key before encrypting his message proper using the Public Key of the second party.
The first party sends both message and hash value to the second party.
When the second party receives the message and message hash value in
encrypted forms, he decrypts the message using his private key and
the hash value using the public key of the first party; carries out
a fresh hash on the message, and compares his fresh hash and the sent hash.
If both hashes correspond, then the authenticity of the message has been
verified - i.e., the message could only have been authored by the first party
since even if the message was intercepted, and a change attempted, the hash value
could not be changed unless the intercepting party has knowledge of the first party's
Private Key.
Passwords to online user accounts are also widely hashed before they
are committed to databases.
Every time a user tries to log into his/her account, the entered
password is hashed before been compared to the hash value in the
application's database.
As hash values, if the security of a web application were to be breached
and user account details were stolen, these accounts cannot be compromised
since hash values are non-revertible.
It has to be mentioned though that common passwords can still be made out
by comparing the stolen hash values to hash values for known common passwords.
Create a new C# class file;
Call it Hashes
.
Type out the adjoining C# Hashing Algorithm.
Important: BigInteger is inbuilt in C#.
You only need to use the System.Numerics
library.
You might have to add the above library in the reference
section - Project >> Add Reference...; tick off System.Numerics
- to be able to use it.
C# Code for Hashes Class
using System.Numerics;
using System.Globalization;
namespace Miscellaneous
{
class Hashes
{
public Hashes()
{
}
public String hashWord(char[] msg)
{
// encoding eqn { Tn = (n-2)t1 + 2^n } - please use your own eqn
String hash = "";
BigInteger big_hash = 0;
int n;
int t1;
BigInteger x;
for (int i = 0; i < msg.Length; i++)
{
// get unicode of this character as n
n = (int)msg[i];
t1 = i + 1;
// use recurrence series equation to hash
x = BigInteger.Add(BigInteger.Multiply(n-2, t1), BigInteger.Pow(2, n));
if (i == 0)
{
hash = x.ToString();
big_hash = x;
continue;
}
// convert number from base 10 to base 2
string binary = "";
BigInteger remainder = 0;
do
{
big_hash = BigInteger.DivRem(big_hash, 2, out remainder);
binary = remainder.ToString() + binary;
} while (!big_hash.Equals(BigInteger.Zero));
// bitwise rotate left with the modulo of x
x = BigInteger.Remainder(x, binary.Length);
char[] slice_1 = binary.Substring((int)x).ToCharArray();
// keep as '1' to preserve hash size
slice_1[0] = '1';
string slice_2 = binary.Substring(0, (int)x);
hash = String.Join("", slice_1) + slice_2;
// convert number from base 2 to base 10
big_hash = 0; // not necessary; just stating the obvious
int j = 0;
while (j < hash.Length)
{
big_hash = BigInteger.Add(BigInteger.Multiply(int.Parse(hash[j].ToString()), BigInteger.Pow(2, hash.Length - 1 - j)), big_hash);
j++;
}
}
hash = big_hash.ToString("X");
hash = hash.ToUpper();
return hash;
}
}
}
Main Class
using System.Numerics;
using System.Collections.Generic;
namespace Miscellaneous
{
class Program
{
static void Main(string[] args)
{
char[] message = "merry xmas".ToCharArray();
Hashes one_way = new Hashes();
String hashed = one_way.hashWord(message);
Console.WriteLine("Message is '" + String.Join("", message) +
"';\nMessage hash is " + hashed);
}
}
}