Hyrje
A cryptographic hash function takes arbitrary input and produces a fixed-size output that looks random and is infeasible to invert or find collisions for.
Teoria
Good hash functions satisfy three properties: pre-image resistance (given a hash, you cannot find any input that maps to it), second pre-image resistance (given one input, you cannot find a different input with the same hash) and collision resistance (you cannot find any two inputs with the same hash). The security level against collisions is half the output size in bits due to the birthday paradox, which is why a 256-bit hash provides "only" 128 bits of collision security.
MD5 and SHA-1 are both broken for collision resistance and must not be used for anything security-relevant. SHA-256 and SHA-512 are fine for integrity checks and as building blocks for HMAC, KDFs and signatures. SHA-3 (Keccak) and BLAKE2/BLAKE3 are modern alternatives; BLAKE3 is especially fast on modern CPUs. For hashing passwords, use Argon2 — not a raw hash function, however fast.
A common misuse is hashing passwords with SHA-256 or similar "fast" hashes. A single GPU can compute billions of SHA-256 hashes per second, so a leaked database of SHA-256 password hashes can be cracked in hours. The whole point of a password hash is to be slow and memory-hard; use the right tool.
Mjetet
Mjete për hashing:
- CLI:
sha256sum,sha512sum,openssl dgst. - PHP:
hash(),hash_hmac(),hash_file(). - Python:
hashlib.
Praktika
Verifikim integriteti me SHA-256:
sha256sum ubuntu-22.04.iso
openssl dgst -sha256 ubuntu-22.04.isoHMAC për autentikim mesazhi:
// PHP
$mac = hash_hmac('sha256', $data, $key);
if (hash_equals($expected, $mac)) { /* ok */ }BLAKE3 në Python:
import blake3
print(blake3.blake3(b'hello').hexdigest()) Ushtrime
- Demonstron collision për MD5 me files publike (p.sh. Marc Stevens PoC).
- Krahaso shpejtësinë e SHA-256, BLAKE2b dhe BLAKE3.
Burime
- RFC 6234 — SHA-2.
- BLAKE3.
Vlerësimet dhe komentet
Kyçu për të lënë një vlerësim.
Ende pa komente. Bëhu i pari!
Diskutime
Ende pa diskutime. Hap një temë të re