Hashing

Overview 
 Cryptographic hash functions transform data of any size into a fixed-length message digest or checksum, with SHA256 producing a 256-bit (64 hexadecimal digit) output regardless of input size. These functions are deterministic and demonstrate the avalanche effect—even a single-bit change in input produces a completely different hash value. Hash functions serve critical security purposes including secure password storage and detecting file modifications or tampering. Older algorithms like MD5 and SHA-1 are now cryptographically broken and vulnerable to collision attacks. 
 
 Key Information 
 
 Fixed Output Size: Hash functions always produce the same length output regardless of input file size (e.g., SHA256 always produces 256 bits or 64 hex digits) 
 Avalanche Effect: A single-bit change in input data produces a drastically different hash value, enabling reliable tamper detection 
 Primary Applications: Password storage (with salting), file integrity verification, and detecting both intentional tampering and transfer errors 
 Secure vs. Broken Algorithms: SHA224, SHA256, SHA384, SHA512, and RIPEMD160 are currently secure; MD5 and SHA-1 are cryptographically broken and susceptible to hash collisions 
 HMAC Authentication: HMAC combines a hash function with a secret key using inner/outer padding (ipad/opad) to provide message authentication. 
 
 
 Notes 
 sha256sum file 
 hmac256 key file 
 
 Task 
 
 What is the SHA256 checksum of the file order.json ?
 
 sha256sum order.json 
 2c34b68669427d15f76a1c06ab941e3e6038dacdfb9209455c87519a3ef2c660 
 
 
 Open the file order.json and change the amount from 1000 to 9000 . What is the new SHA256 checksum?
 
 sha256sum order.json 
 11faeec5edc2a2bad82ab116bbe4df0f4bc6edd96adac7150bb4e6364a238466 
 
 
 Using SHA256 and the key 3RfDFz82 , what is the HMAC of order.txt ?
 
 hmac256 3RfDFz82 order.json 
 c7e4de386a09ef970300243a70a444ee2a4ca62413aeaeb7097d43d2c5fac89f 
 
 
 
 
 Conclusion 
 Cryptographic hash functions are fundamental security tools that provide both data integrity verification and secure password storage mechanisms. Understanding the difference between secure algorithms (SHA-256 family) and broken ones (MD5, SHA-1) is essential for implementing modern cybersecurity solutions. HMAC extends basic hashing by incorporating secret keys, making it suitable for message authentication in scenarios requiring both integrity and authenticity verification. 
 
 Resources 
 
 TryHackMe : Intro to Cryptography