Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

05 Assets, Threats, and Vulnerabilities > MD2 Non-repudiation and hashing > Flashcards

MD2 Non-repudiation and hashing Flashcards

1
Q

A hash function

A

A hash function is an algorithm that produces a code that can’t be decrypted. Unlike asymmetric and symmetric algorithms, hash functions are one-way processes that do not generate decryption keys. Instead, these algorithms produce a unique identifier known as a hash value, or digest. Here’s an example to demonstrate this.

In security, hashes are primarily used as a way to determine the integrity of files and applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Hash function example

A

Imagine a company has an internal application that is used by employees and is stored in a shared drive. After passing through a hashing function, the program receives its hash value. For example purposes, we created this relatively short hash value with the MD5 hashing function. Generally, standard hash functions that produce longer hashes are preferred for being more secure.

Next, let’s imagine an attacker replaces the program with a modified version that performs malicious actions. The malicious program may work like the original. However, if so much as one line of code is different from the original, it will produce a different hash value. By comparing the hash values, we can validate that the programs are different. Attackers use tricks like this often because they’re easily overlooked. Fortunately, hash values help us identify when something like this is happening.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Non-repudiation

A

Data integrity relates to the accuracy and consistency of information. This is known as non-repudiation, the concept that authenticity of information can’t be denied.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How analyst can use Hash function

A

Hash functions are important security controls that make proven data integrity possible. Analysts use them frequently. One way to do this is by finding the hash value of files or applications and comparing them against known malicious files.

For example, we can use the Linux command line to generate the hash value for any file on your computer. We just launch a shell and type the name of the hashing algorithm we want to use. In this case, we’re using a common one known as sha256. Next, we need to enter the file name of any file we want to hash. Let’s hash the contents of newfile.txt. Now, we’ll press Enter. The terminal generates this unique hash value for the file.

The slightest change in input results in a totally different hash value. Hash functions are intentionally designed this way to assist with matters of non-repudiation. They equip computers with a quick and easy way to compare input and output values and validate data integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

05 Assets, Threats, and Vulnerabilities (50 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions