Lab 8 (Hashing) - CISO Academy
Lab – 8 (Hashing)
Introduction
A hash function is a cryptographic function that maps data of arbitrary size to a fixed-size value. The
process of mapping data is called hashing, and the output returned by the function is called a hash
value or hash.
A hash function has the following properties:
Quick
Irreversible
Infeasible to collide: it is computationally infeasible to find two different messages that produce the same hash value
Lab Scenario
The lab makes the user comfortable with different hashing algorithms (MD5, SHA1, SHA256, SHA512
and RIPEMD) and their common hashing properties through practical, hands-on work. The user will
generate hashes of the given keywords (which are stored in the file keywords.txt) using different
hashing algorithms and check whether each hash is present in the given hash file hashes.txt.
Given
Input keywords = ciso cybersecurity, firewall, vpn, virtual machine and cryptography
Hash file = hashes.txt (having set of 10 hashes per hashing algorithm)
Hashing algorithms = MD5, SHA1, SHA256, SHA512 and RIPEMD
Lab Objective
Task – 1: Take one keyword at a time and calculate its hash using the MD5 hashing
algorithm
Task – 2: Compare the calculated hash with the hashes present in hashes.txt file.
Task – 3: If hash matches, then take second keyword, otherwise perform Task-1 and
Task 2 again but with different hashing algorithm
Task – 4: Perform Task-1 to Task-3 for all the keywords in input file keywords.txt
Task – 5: Note down the keywords along with their corresponding hashes and
hashing algorithm (which were used to compute these hashes)
Pre-requisite:
The user should possess the knowledge about:
What is:
o Hashing
o Hash function
o Message digest/Hash
Difference between different hashing algorithms – SHA1, RIPEMD, SHA256, SHA512, MD5
Lab Environment/Tools
To perform the lab, you need:
Kali-Linux virtual machine
OpenSSL library
Lab Duration:
Time: 90 minutes
Procedure
Step – 1:
Click VirtualBox from Start menu
Step – 2:
Choose Kali-Linux virtual image and click Start button at the top.
Step – 3:
After the virtual machine boot is complete, right-click the screen to launch context menu and select
Open Terminal
Step – 4:
On the terminal, enter the directory where the labs are stored. In your case, use:
Command = cd Desktop/cryptolabs/lab8
Here,
cd – is used to change directory
Desktop/cryptolabs/lab8 – is the path where lab8 is stored
*You can use command = ls, to check whether the folder has all the given files and scripts.
Step – 5:
Calculate the hash of the keyword ‘ciso cybersecurity’. For this, use:
Command = echo -n "ciso cybersecurity" | openssl dgst -md5
Here,
echo: is the command to print content. Here, it is used to pass the keyword ‘ciso cybersecurity’
-n: is used to remove the extra newline (\n) that the echo command adds by default
"ciso cybersecurity": is the input keyword
|: is the pipe, which passes the output of the preceding command as input to the command that follows
openssl: is the library containing cryptography algorithms
dgst -md5: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the MD5 hash function
Step – 6:
Now, execute the bash script present in lab8 folder, using:
Command = bash script.sh
Enter the hash calculated from step – 5, when asked.
Here,
bash: is the shell that is used to execute the script
script.sh: is a script that takes a hash as input and checks whether this hash matches one of the
hashes present in the hashes.txt file
Step – 7:
If the hash is not found, repeat Step – 5 and calculate the hash of the keyword ‘ciso
cybersecurity’ again, but this time use a different algorithm (SHA256), then execute the bash script.sh
command to compare the calculated hash with the hashes provided in the hashes.txt file (as in Step – 6).
Command = echo -n "ciso cybersecurity" | openssl dgst -sha256
Here,
echo: is the command to print content. Here, it is used to pass the keyword ‘ciso cybersecurity’
-n: is used to remove the extra newline (\n) that the echo command adds by default, as the newline character changes the output hash
"ciso cybersecurity": is the input keyword
|: is the pipe, which passes the output of the preceding command as input to the command that follows
openssl: is the library containing cryptography algorithms
dgst -sha256: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the SHA256 hash function
Step – 8:
If hash is not found, then repeat Step – 7 again with third hashing algorithm - SHA512
Command = echo -n "ciso cybersecurity" | openssl dgst -sha512
Here,
echo: is the command to print content. Here, it is used to pass the keyword ‘ciso cybersecurity’
-n: is used to remove the extra newline (\n) that the echo command adds by default
"ciso cybersecurity": is the input keyword
|: is the pipe, which passes the output of the preceding command as input to the command that follows
openssl: is the library containing cryptography algorithms
dgst -sha512: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the SHA512 hash function
Step – 9:
If hash is not found, then repeat Step – 7 again with fourth hashing algorithm - SHA1
Command = echo -n "ciso cybersecurity" | openssl dgst -sha1
Here,
echo: is the command to print content. Here, it is used to pass the keyword ‘ciso cybersecurity’
-n: is used to remove the extra newline (\n) that the echo command adds by default
"ciso cybersecurity": is the input keyword
|: is the pipe, which passes the output of the preceding command as input to the command that follows
openssl: is the library containing cryptography algorithms
dgst -sha1: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the SHA1 hash function
Step – 10:
If hash is not found, then repeat Step – 7 again with last hashing algorithm - RIPEMD
Command = echo -n "ciso cybersecurity" | openssl ripemd
Here,
echo: is the command to print content. Here, it is used to pass the keyword ‘ciso cybersecurity’
-n: is used to remove the extra newline (\n) that the echo command adds by default
"ciso cybersecurity": is the input keyword
|: is the pipe, which passes the output of the preceding command as input to the command that follows
openssl: is the library containing cryptography algorithms
ripemd: tells the program to calculate the message digest of the input received, ‘ciso cybersecurity’, using the RIPEMD hash function
Step – 11:
The hashing algorithm for keyword ‘ciso cybersecurity’ is now found.
Now repeat Step – 5 to Step – 10 for all the other keywords and note down their corresponding hashes
along with the hash algorithms.
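The loop of Step – 5 to Step – 11, automated as an added example (it is not part of the original lab and is not the lab's script.sh). It assumes hashes.txt holds one bare hex digest per line; the function names and the demo data are constructed here, printf '%s' is used in place of echo -n because it never appends a newline in any shell, and ripemd160 is the explicit OpenSSL digest name used for the lab's RIPEMD.

```shell
#!/bin/sh
# Added example: Steps 5-10 as a loop. Not the lab's own script.sh.
# Algorithms in the order the lab tries them (ripemd160 = the lab's RIPEMD).
ALGS="md5 sha256 sha512 sha1 ripemd160"

# digest ALG TEXT: print the bare hex digest of TEXT, hashing no trailing newline.
digest() {
    # Fails (and prints nothing) if this OpenSSL build does not offer ALG.
    out=$(printf '%s' "$2" | openssl dgst "-$1" 2>/dev/null) || return 1
    printf '%s\n' "${out##* }"   # drop the "(stdin)= " style prefix
}

# find_alg KEYWORD HASHFILE: print "ALG HASH" for the first algorithm whose
# digest of KEYWORD is a whole line of HASHFILE; return 1 if none is.
find_alg() {
    for alg in $ALGS; do
        h=$(digest "$alg" "$1") || continue
        if grep -qixF -- "$h" "$2"; then
            printf '%s %s\n' "$alg" "$h"
            return 0
        fi
    done
    return 1
}

# identify KEYWORDFILE HASHFILE: one result line per keyword (Step 11).
identify() {
    while IFS= read -r kw || [ -n "$kw" ]; do
        [ -n "$kw" ] || continue
        if r=$(find_alg "$kw" "$2"); then
            printf '%s: %s\n' "$kw" "$r"
        else
            printf '%s: no match\n' "$kw"
        fi
    done < "$1"
}

# Constructed demo data: two lab keywords plus one that is not listed.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'firewall\nvpn\nnot listed\n' > "$dir/keywords.txt"
    { digest sha1 decoy; digest sha256 firewall; digest sha512 vpn; } > "$dir/hashes.txt"
    identify "$dir/keywords.txt" "$dir/hashes.txt"
    rm -rf "$dir"
}
demo
```

To run it against the lab's files, replace the demo call with identify keywords.txt hashes.txt.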
Lab Analysis
Given:
Input keywords = ciso cybersecurity, firewall, vpn, virtual machine and cryptography
Hash file = hashes.txt (having set of 10 hashes per hashing algorithm)
Hashing algorithms = MD5, SHA1, SHA256, SHA512 and RIPEMD
Output:
Following output will be drawn after performing the lab:
S. No. | Keyword | Hashing Algorithm | Hash
1. | ciso cybersecurity | RIPEMD | 7ad0a8b621ef92ed3151e81feeb57c3cf607094f
2. | firewall | SHA256 | 782cabc4bc478156521942f21643d43f430173960b7766814bb9d1442fa451a7
3. | vpn | SHA512 | 868036a871a2b9b3de296a7a5c0f2be59957a8c88b443f2646a3360818d1c971826093860f9e7190ca46448c56e971fe4b5fa4eb26b1ec746b9b9349f3a41f43
4. | virtual machine | MD5 | cd723ed383c1d461e38f7569ed30e7fd
5. | cryptography | SHA1 | 48c910b6614c4a0aa5851aa78571dd1e3c3a66ba
Learning outcome
Hashing transforms a string of characters into a shorter, fixed-length value that is sufficient to
represent the original string. The hash obtained at the end of the hashing process is combined with the
original message and is used to ensure the integrity of the message. If the hash calculated at the
receiver's end does not match the attached hash, the integrity of the message has been compromised.
Also, a layer of encryption over the packet (which has both Message + HMAC) can help to ensure
message confidentiality, because if an adversary somehow manages to get his hands on this packet, he
still cannot make any sense of it.
Key points
Hashing is a one-way function.
Hashing only ensures integrity but not confidentiality. Confidentiality is ensured by
encryption.
A hashing algorithm may or may not use a salt when creating hashes. Salts are
random strings of bits that make hashes more random, thereby increasing overall
security.