Introduction to Cryptographic Hash Functions

are a class of hash functions that are cryptographically secure. From password authentication and integrity verification to blockchain—these functions are used in a multitude of applications. Cryptographic Hash Functions In this tutorial, we'll start by reviewing the basics of blockchain, and the relevance of cryptographic hash functions in making a blockchain secure. We'll then go over what cryptographic hash functions are, and their properties. Additionally, we'll also see how to write code to obtain hashes, in both Python and Bash. For all this and more, let's get started! Table of Contents Blockchain Basics Revisited What is a Cryptographic Hash Function? Properties of Cryptographic Hash Functions Is 256-Bit Security Really Secure? How to Compute SHA256 Sum in Bash How to Obtain SHA256 Hash in Python Blockchain Basics Revisited Let's start our discussion by answering the question: "What's a Blockchain?" A blockchain is an , ledger system. It's essentially a peer-to-peer network in which transactions can happen between peers the involvement of a central authority. immutable distributed decentralized without Each block in a blockchain consists of the following: data/details of the transaction its hash hash of the previous block The first block is called the , and it's the only block that doesn't contain the previous block's hash. genesis block In a blockchain, the transactions are hashed using secure hashing algorithms. And here's where enter the discussion. cryptographic hash functions Cryptographic hash functions are used to generate the hashes that uniquely identify the blocks. Whenever the data in a particular block changes or is updated, the hash changes drastically. And because of this, the hash of the particular block should be updated, and the hash values in subsequent blocks should change as well. This makes it next to impossible to tamper with the contents of a specific block. In some sense, the hashes not only uniquely identify the block but also facilitate immutability of the blockchain. In addition, blockchains use consensus mechanisms such as and to ensure that the transactions are indeed authentic, and are not by a malicious entity who is trying to tamper with the network. Proof of Work Proof of Stake Now that you've learned the relevance of cryptographic hash functions in blockchain, let's learn about them in greater detail in the subsequent sections. What is a Cryptographic Hash Function? A cryptographic hash function takes in an input message and maps it to a output, called the or the . fixed length hash digest Whatever be the length of the input—it could be a single character, a string, or even a large file—the output is always of fixed length, say . N In the following illustration, we pass two different inputs and of different lengths to the block. 'blockchain' 'hello' SHA1 The block accepts inputs and maps them to an output hash that is 160 bits long—or equivalently 40 hexadecimal digits long, as shown below. SHA1 stands for . Because of known security breaches in the past, isn't recommended for sensitive use cases anymore. However, the class of algorithms, namely, the and are still widely used. Note: SHA Secure Hashing Algorithm SHA1 SHA2 SHA256 SHA512 Properties of Cryptographic Hash Functions Cryptographic hash functions have a few properties that make them secure for cryptographic applications. 1. Deterministic A cryptographic hash function is deterministic. This means no matter how many times you feed in a input, you'll get the output hash. particular same 2. Computationally Efficient The output hash values should be quick to compute—both when hashing transactions and during verification. So a cryptographic hash function should be computationally efficient, allowing us to obtain the output hash in a short time. 3. Pre-Image Resistant or Non-Invertible This property is based on the concept of . one-way functions Let's take an example. You have a function : the function returns the of the number you feed in. f(x) = cube(x) f cube In this case, if the output is 27, you can conclude right away that the input is 3, which is the pre-image corresponding to the output 27. Therefore, such a function is pre-image resistant. f not However, cryptographic hash functions be pre-image resistant. should This means that you can input a message to the hashing algorithm, and obtain the hash. But it should be to obtain the input message by looking at the hash. infeasible This is illustrated as shown below. 4. Collision Resistant A hash function should be resistant to collision. But what is collision in the context of hash functions? Is this the collision that we're talking about? 🤔 Not exactly!🙂 Well, let's parse what actually means. collision resistance A collision is said to occur when two input messages and map to the output hash. And collision resistance simply means it should be to find two messages and that map to the same hash. M1 M2 same difficult different M1 M2 5. Exhibits Avalanche Effect Even a small change in the input should change the hash drastically. In the example below, we only change a single character: 'b' to 'B'. And the output hash changes completely! To sum up, a cryptographic hash function generates a hash that is yet and is cryptographically secure. fixed length deterministic random, So far, you've learned what cryptographic hash functions are, and their properties. And we've mentioned that the hashing function is widely used. SHA256 However, is a 256-bit hash really secure? Head over to the next section to find out. Is 256-Bit Security Really Secure? Suppose you have the desired output hash. Recall that a cryptographic hash function is deterministic. And it outputs the hash for a input. same specific But it's also So the only way you can get back the input is by trying to generate the output hash at your end—through a series of random guesses. non-invertible. If you can generate this output hash by randomly guessing inputs, you think it's possible to eventually break the hash, yes? Well, it's not that simple! The algorithm outputs a 256-bit hash, or equivalently 64 hexadecimal digits. And a 256-bit hash is a sequence of 256 bits—each of which is either a or a . SHA256 0 1 So there are total combinations in all! And this is an insanely large number. And breaking this hash by random guessing is exponentially hard. 2^256 Watch this interesting video by . Grant Sanderson of 3Blue1Brown And in the above video, Grant explains how complex the process is. Put simply, even if you had access to the most sophisticated computing resources in the world, and time equal to 37 times the age of the universe , you'll still have a 1 in 4 billion chance of successfully guessing the input. An excerpt from the YouTube video How to Compute SHA256 Sum in Bash You can even use simple Bash commands to obtain the hash on applying the secure hashing algorithms. If you're on a Linux or Mac, open up your terminal and run the following line of code. If you're on a Windows machine, consider using a shell environment such as . Git Bash The Bash command returns the 256-bit hash, as shown below. sha256sum 860f5cae6febaa6b9064a16d78553819de43cb1e4c5a87ab267bb1c35fb41a04 $ printf "I'm coding" | sha256sum Observe that the output hash is 64 hexadecimal digits long—each taking 4 bits. To get the 160-bit long SHA1 hash, you can use the Bash command . Run the above code by replacing with . sha1sum sha256sum sha1sum cafc711fba6c8ccdcbb807e5a676e9810e5cce4c $ printf "I'm coding" | sha1sum In the next section, we'll see how to obtain the hash under the algorithm in Python. SHA256 How to Obtain SHA256 Hash in Python Python ships with a built-in module. So you can just go ahead and import it like so: hashlib import hashlib. Here are the steps to obtain the hash: Use the constructor to instantiate a hash object sha256() Encode the message string, include an encoding format optionally Call the method to obtain the hex equivalent of the 256-bit hash hexdigest() The following code block shows how you can do it. hash_obj = hashlib.sha256(message.encode()) hash_val = hash_obj.hexdigest() import hashlib message = "I'm coding" print (hash_val) # output: 860f5cae6febaa6b9064a16d78553819de43cb1e4c5a87ab267bb1c35fb41a04 print ( len (hash_val)) # output: 64 # correct! 64 hexadecimal digits; total length = 64 * 4 = 256 bits Notice how the sum in this case is same as the one you obtained from Bash in the previous section. This verifies the deterministic nature of cryptographic hash functions. SHA256 Now, let's try to obtain the hashes for a list of strings. hash_obj = hashlib.sha256(string.encode()) hash_val = hash_obj.hexdigest() import hashlib strings = [ "hello" , "sha256" , "sensitive info" ] for string in strings: print ( f"Hash # {strings.index(string)+ 1 } : {hash_val} " ) # Output Hash #1: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 Hash #2: 5d5b09f6dcb2d53a5fffc60c4ac0d55fabdf556069d6631545f42aa6e3500f2e Hash #3: 034fcc03d9332ee032b5815ef69b0f21926dd2da73f0fcfd65ff90ded1700892 See, that's how simple it is. ✅ Summing Up the Discussion on Cryptographic Hash Functions I hope you found this tutorial on cryptographic hash functions useful. You've learned what cryptographic functions are what their properties are. And you've also learned how to use the Bash commands like and to obtain the hash values. sha1sum sha256sum In addition, you've seen how to use Python's module to generate hashes for input strings. hashlib Be sure to try out a few more examples. Keep coding! Note: All images in the post have been created by the author.