Hashing Flashcards
(14 cards)
What Is Hashing?
Hashing = Integrity Check
Detects any change in data (even 1 space).
Output changes completely with any edit.
Used to ensure data hasn’t been tampered with.
Common Hashing Types
Base64: Email, Unix password hashing
NTLM: Used in Windows (stored in Registry)
MD5: 128 bits = 32 hex characters
SHA-1: 160 bits = 40 hex characters
SHA-2: 256, 384, or 512 bits.
What is a Hash Value?
Hash Value = Digital Fingerprint
AKA Cryptographic Hash. All mean the same thing: a unique data summary.
What is a Hash Collision?
Hash Collision = Two different inputs → same hash output.
Example: Doc 1: “The house is great” → Hash X; Doc 2: (different) → Still Hash X. This is bad—shows weakness in the hash function (e.g. MD5).
What is a Pre-image Attack?
Pre-image Attack = Find input that gives a known hash output.
Used to forge data to match a legit hash. Types: Partial Context: Part of message is same; Full Context: Entirely new msg, same hash.
What is a Birthday Attack?
Birthday Problem: With ~70 people, high chance 2 share a birthday.
Used to find hash collisions faster. Needs ~2^(n/2) tries (n = hash bit size).
Why Is It Dangerous?
Collisions affect:
✅ Integrity checks (can fake unchanged files)
🔏 Digital signatures (fake sender identity)
🔐 Passwords (bypass auth).
If hashes aren’t unique, attackers can sneak in fake or harmful data undetected.
What is the output size of an MD5 hash?
MD5 = 128 bits
Shown as 32 hexadecimal characters
What are the characteristics of MD5?
Weak – vulnerable to collisions
How does LM hash split passwords?
LM hash splits passwords into 2 parts: Each part = 7 characters
Total = 14 characters max
What are the security characteristics of LM hash?
Insecure – case insensitive & outdated
What does NTLM store in Windows?
NTLM stores Windows credentials
Example: user:HASH1:HASH2:::
How does NTLM compare to LM hash?
Replaced LM hash, still not as strong as bcrypt or SHA-512
