Lab – 8 (Hashing) - CISO Academy


Post on 08-Aug-2021


Lab – 8 (Hashing)

Introduction

A hash function is a cryptographic function that maps data of arbitrary size to a fixed-size value. The process of mapping data is called hashing, and the output returned from the cryptographic function is called a hash value or hash.

A hash function holds the following properties:

Quick

Irreversible

Infeasible to find two different messages with the same hash value

Lab Scenario

The lab focuses on making the user comfortable with different types of hashing algorithms (MD5, SHA1, SHA256, SHA512 and RIPEMD), along with their common hashing properties, using practical hands-on work. The user will generate hashes of the given keywords (which are stored in the file keywords.txt) using different hashing algorithms and check whether each hash is present in the given hash file hashes.txt

Given

Input keywords = ciso cybersecurity, firewall, vpn, virtual machine and cryptography

Hash file = hashes.txt (having set of 10 hashes per hashing algorithm)

Hashing algorithms = MD5, SHA1, SHA256, SHA512 and RIPEMD

Lab Objective

Task – 1: Take one keyword at a time and calculate its hash using the MD5 hashing algorithm

Task – 2: Compare the calculated hash with the hashes present in hashes.txt file.

Task – 3: If the hash matches, then take the second keyword; otherwise perform Task-1 and Task-2 again but with a different hashing algorithm

Task – 4: Perform Task-1 to Task-3 for all the keywords in input file keywords.txt

Task – 5: Note down the keywords along with their corresponding hashes and hashing algorithm (which were used to compute these hashes)


Pre-requisite:

The user should possess the knowledge about:

What is:

o Hashing

o Hash function

o Message digest/Hash

Difference between different hashing algorithms – SHA1, RIPEMD, SHA256, SHA512, MD5

Lab Environment/Tools

To perform the lab, you need:

Kali-Linux virtual machine

OpenSSL library

Lab Duration:

Time: 90 minutes

Procedure

Step – 1:

Click VirtualBox from Start menu


Step – 2:

Choose Kali-Linux virtual image and click Start button at the top.

Step – 3:

After the virtual machine boot is complete, right-click the screen to launch the context menu and select Open Terminal


Step – 4:

On the terminal, enter the directory where the labs are stored. In your case, use:

Command = cd Desktop/cryptolabs/lab8

Here,

cd – is used to change directory

Desktop/cryptolabs/lab8 – is the path where lab8 is stored

*You can use command = ls, to check whether the folder has all the given files and scripts.

Step – 5:

Calculate the hash of the keyword ‘ciso cybersecurity’. For this, use:

Command = echo -n "ciso cybersecurity" | openssl dgst -md5

Here,

echo: is the command to print or edit the content. Here, it is used to pass the keyword ‘ciso cybersecurity’

-n: is used to remove the extra new line (\n) that is present by default in the echo command

"ciso cybersecurity": is the input keyword.

| (pipe): is the function that is used to pass the output of the preceding command as input to the command following

openssl: is a library containing cryptography algorithms

dgst -md5: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the md5 hash function


Step – 6:

Now, execute the bash script present in the lab8 folder, using:

Command = bash script.sh

Enter the hash calculated from Step – 5, when asked.

Here,

bash: is a shell that is used to execute the scripts

script.sh: is a script that takes a hash as input and checks whether this hash matches any of the hashes present in hashes.txt file

Step – 7:

If the hash is not found, then repeat Step – 5 and calculate the hash of the keyword ‘ciso cybersecurity’ again, but this time use a different algorithm (which is SHA256), and execute the bash script.sh command to compare the calculated hash with the hashes provided in hashes.txt file (like Step - 6)

Command = echo -n "ciso cybersecurity" | openssl dgst -sha256

Here,

echo: is the command to print or edit the content. Here, it is used to pass the keyword ‘ciso cybersecurity’

-n: is used to remove the extra new line (\n) that is present by default in the echo command, as the new line character changes the output hash

"ciso cybersecurity": is the input keyword.

| (pipe): is the function that is used to pass the output of the preceding command as input to the command following

openssl: is a library containing cryptography algorithms

dgst -sha256: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the sha256 hash function


Step – 8:

If the hash is not found, then repeat Step – 7 again with the third hashing algorithm - SHA512

Command = echo -n "ciso cybersecurity" | openssl dgst -sha512

Here,

echo: is the command to print or edit the content. Here, it is used to pass the keyword ‘ciso cybersecurity’

-n: is used to remove the extra new line (\n) that is present by default in the echo command

"ciso cybersecurity": is the input keyword.

| (pipe): is the function that is used to pass the output of the preceding command as input to the command following

openssl: is a library containing cryptography algorithms

dgst -sha512: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the sha512 hash function


Step – 9:

If the hash is not found, then repeat Step – 7 again with the fourth hashing algorithm - SHA1

Command = echo -n "ciso cybersecurity" | openssl dgst -sha1

Here,

echo: is the command to print or edit the content. Here, it is used to pass the keyword ‘ciso cybersecurity’

-n: is used to remove the extra new line (\n) that is present by default in the echo command

"ciso cybersecurity": is the input keyword.

| (pipe): is the function that is used to pass the output of the preceding command as input to the command following

openssl: is a library containing cryptography algorithms

dgst -sha1: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the sha1 hash function

Step – 10:

If the hash is not found, then repeat Step – 7 again with the last hashing algorithm - RIPEMD

Command = echo -n "ciso cybersecurity" | openssl ripemd

Here,

echo: is the command to print or edit the content. Here, it is used to pass the keyword ‘ciso cybersecurity’

-n: is used to remove the extra new line (\n) that is present by default in the echo command

"ciso cybersecurity": is the input keyword.

| (pipe): is the function that is used to pass the output of the preceding command as input to the command following

openssl: is a library containing cryptography algorithms

ripemd: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the RIPEMD hash function

Step – 11:

The hashing algorithm for the keyword ‘ciso cybersecurity’ is now found.

Now repeat Step – 5 to Step – 10 for all other keywords and note down their corresponding hashes along with the hash algorithms.
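Steps 5 to 10 as a single loop, as an added example (this is not the lab's script.sh, whose contents the page does not show). The function names are made up for the example, the two input files are constructed from the standard test digests of the empty string and "abc", and ripemd160 is the OpenSSL digest name assumed for the lab's RIPEMD; an algorithm the installed OpenSSL build cannot provide is skipped.

```shell
#!/usr/bin/env bash
# Added example; function names and the demo data are assumptions.
ALGS="md5 sha1 sha256 sha512 ripemd160"

# digest ALG TEXT: hex digest of TEXT exactly as given (printf adds no newline).
# Prints nothing when this OpenSSL build cannot provide ALG.
digest() {
    printf '%s' "$2" | openssl dgst "-$1" 2>/dev/null | awk '{print $NF}'
}

# find_algorithm KEYWORD HASHFILE: print "alg hash" for the first algorithm
# whose digest of KEYWORD is a whole line of HASHFILE; return 1 if none is.
find_algorithm() {
    local alg h
    for alg in $ALGS; do
        h=$(digest "$alg" "$1")
        [ -n "$h" ] || continue        # algorithm unavailable: skip it
        if grep -qixF -- "$h" "$2"; then
            printf '%s %s\n' "$alg" "$h"
            return 0
        fi
    done
    return 1
}

# Constructed stand-ins for keywords.txt and hashes.txt (not the lab's files).
demo() {
    local dir kw
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'abc' 'not listed' > "$dir/keywords.txt"
    printf '%s\n' \
        'da39a3ee5e6b4b0d3255bfef95601890afd80709' \
        'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' \
        > "$dir/hashes.txt"
    while IFS= read -r kw; do
        printf '%-12s ' "$kw"
        find_algorithm "$kw" "$dir/hashes.txt" || echo 'no match'
    done < "$dir/keywords.txt"
    rm -rf "$dir"
}

demo
```

Pointing find_algorithm at the lab's own hashes.txt for each line of keywords.txt yields the keyword, algorithm and hash that Task – 5 asks to be noted down.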

Lab Analysis

Given:

Input keywords = ciso cybersecurity, firewall, vpn, virtual machine and cryptography

Hash file = hashes.txt (having set of 10 hashes per hashing algorithm)

Hashing algorithms = MD5, SHA1, SHA256, SHA512 and RIPEMD

Output:

Following output will be drawn after performing the lab:

| S. No. | Keyword | Hashing Algorithm | Hash |
|---|---|---|---|
| 1. | ciso cybersecurity | RIPEMD | 7ad0a8b621ef92ed3151e81feeb57c3cf607094f |
| 2. | firewall | SHA256 | 782cabc4bc478156521942f21643d43f430173960b7766814bb9d1442fa451a7 |
| 3. | vpn | SHA512 | 868036a871a2b9b3de296a7a5c0f2be59957a8c88b443f2646a3360818d1c971826093860f9e7190ca46448c56e971fe4b5fa4eb26b1ec746b9b9349f3a41f43 |
| 4. | virtual machine | MD5 | cd723ed383c1d461e38f7569ed30e7fd |
| 5. | cryptography | SHA1 | 48c910b6614c4a0aa5851aa78571dd1e3c3a66ba |


Learning outcome

Hashing transforms a string of characters into a shorter fixed-length value which is sufficient to represent the original string. The hash obtained at the end of the hashing process is combined with the original message and is used to ensure the integrity of the message. If the hash calculated at the receiver's end does not match the attached hash, the integrity of the message has been compromised.

Also, a layer of encryption over the packet (which has both Message + HMAC) can help to ensure message confidentiality, because if an adversary somehow manages to get his hands on this packet, he still cannot make any sense out of it.

Key points

Hashing is a one-way function.

Hashing only ensures integrity but not confidentiality. Confidentiality is ensured by encryption.

A hashing algorithm may or may not use a salt while creating hashes. These salts are random bits of strings that make hashes more random, thereby increasing overall security.