Offense wins games, defense wins championships
Through the ages, life and property have been subject to attacks of every kind, from all sides. Defense has gone by many names and definitions. As attack strategies diversified to pin down their prey, so did defenses and counterattacks. When diplomacy proved futile, foresight and anticipation were often enough to repulse an impending bloody fracas, backed by a heavy arsenal of warriors and weaponry on standby.
Now that drives for world domination have shifted to the digital battleground, a sound digital defense strategy must be put in place before any platform plan is carried out.
Cryptographic Hash Functions
A cryptographic hash function is an algorithm that takes an arbitrary amount of input data and creates a fixed-size output of enciphered characters, called a cryptographic hash value, or simply a hash. The hash is stored and used to verify the user instead of the password. Cryptographic hash functions provide a high level of security through the following properties:
- It cannot be reversed. A hash function works in one direction only, which makes it almost impossible to recreate the original password from the hash.
- It is diffused. Changing even one bit of the original password will change almost half of the bits or characters of the hash. A slight change in the input can set off an avalanche of unpredictable changes in the output.
- It is deterministic. A given password always produces the same enciphered text or hash value.
- It is resistant to collision. Two different passwords should not produce the same hash value.
- It is not predictable. There is no way to predict the enciphered text from the password value.
Dangers Facing Hash Functions
“There is no easy way…”
Attackers will have a hard time deciphering hash values, since the hash function transforms cleartext words into enciphered text for safekeeping in storage. They will find that there is no easy way into a target database protected with cryptographic hash functions.
“…but they will soon find a way.”
Attackers know that databases are protected, so they will look for a way through them even if it takes time. That means they will ultimately succeed, especially if they have state-of-the-art hardware that is more than fast enough to crack hash values.
Colliding hash values
Excellent hash algorithms are by design resistant to collisions, that is, identical hash values produced from different sources or credentials. Admittedly, though, collisions are hard, or even impossible, to eliminate.
Public rainbow tables
A rainbow table is a precomputed set of cleartext data with the corresponding hashes. Since these one-way hash functions are publicly available, attackers can employ reverse-engineering techniques and crack credentials.
What do we do now?
Technical defense specialists have developed a variety of enhancements to reinforce hash functions against unscrupulous attacks. One is the salted hash: salting adds extra data to every plaintext credential, so that two identical plaintext passwords produce different enciphered text and duplicates cannot be detected. Another is the keyed hash function, or hash-based message authentication code (HMAC), which employs a cryptographic key together with a hash function to create a keyed and hashed message authentication code. There is also the adaptive one-way function, which iterates its processing so that it takes longer to execute. The number of iterations can be adjusted, hence it is adaptive. PBKDF2 and bcrypt are examples used to protect stored passwords.
Every transaction in the blockchain world is hashed and bundled together into blocks, each linked to its predecessor by the hash of the previous block's data. The hashing function protects all linked blocks by rendering all transactions immutable. Any attempt to change a hashed transaction will create a new and different hash, which alters all subsequent blocks. Only agreement by 51% of the community can effect the hash change. If that is the case, a 51% attack may commence.
Cryptography has been a weapon for protection, privacy, and security since time immemorial. It is a complex and detailed mathematical science, and there is still much to be explored and discovered beyond blockchain technology.
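The three enhancements described above, as an added example that is not part of the original article: an unsalted hash beside a salted, iterated PBKDF2 record, plus a keyed hash (HMAC). The function names, the `pbkdf2_sha256$...` record layout and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; raise it as hardware gets faster


def unsalted_hash(password: str) -> str:
    """Plain SHA-256: identical passwords give identical hashes (weak)."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Salted, iterated hash (PBKDF2-HMAC-SHA256) as a self-describing record."""
    salt = secrets.token_bytes(16)  # fresh random salt for every credential
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), salt, int(iterations))
    except ValueError:  # malformed record
        return False
    return hmac.compare_digest(candidate, expected)


def keyed_hash(key: bytes, message: bytes) -> str:
    """HMAC-SHA256: only holders of the key can compute or check the tag."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    print("unsalted duplicates match:", unsalted_hash(pw) == unsalted_hash(pw))
    a, b = hash_password(pw), hash_password(pw)
    print("salted records differ:", a != b)
    print("verify ok / wrong:", verify_password(pw, a), verify_password("x", a))
    print("hmac:", keyed_hash(b"constructed-key", b"message"))
```

Because the iteration count is stored in each record, old records still verify after `ITERATIONS` is raised for new ones.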
Wallex is a FinTech company that employs blockchain solutions to conform to your escrow, custody, exchange, transfer, and asset management needs. Our AML/KYC/CFT procedures enable us to operate internationally, conforming to each country’s policies in our area of operation. We operate under tough security conditions with round-the-clock measures to guarantee fund safety. We are at your service wherever you are, whenever you need us. Our advisory team is ever ready to assist you with a wiser way of investing. Call now.