Hashes

Hashing is a method used to verify data integrity.

A cryptographic hash function is a process that takes a block of data and creates a small fixed-sized hash value. It is a one-way function, meaning that if two different computers take the same data and run the same hash function, they should get the same fixed-sized hash value (for example, perhaps a 12-bit long hash). (Message digest 5 algorithm [MD5] is an example.) It is not possible (at least not realistically) to generate the same hash from a different block of data. This is referred to as collision resistance. The result of the hash is a fixed-length small string of data, and is sometimes referred to as the digest, message digest, or simply the hash.

An example of using a hash to verify integrity is the sender running a hash algorithm on each packet and attaching that hash to the packet. The receiver runs the same hash against the packet and compares his results against the results the sender had (which were attached to the packet, as well). If the hash generated matches the hash that was sent, we know that the entire packet is intact. If a single bit of the hashed portion of the packet is modified, the hash calculated by the receiver will not match, and the receiver will know that the packet had a problem, specifically with the integrity of the packet.

The three most popular types of hashes are as follows:

Message digest 5 (MD5): This creates a 128-bit digest.

Secure Hash Algorithm 1 (SHA-1): This creates a 160-bit digest.

Secure Hash Algorithm 2 (SHA-2): Options include a digest between 224 bits and 512 bits.

With encryption and cryptography, and now hashing, bigger is better, and more bits equals better security.