“An Easy Explanation of Cryptographic Hash Function” – Content:
- 3 Ways to store a password
- How Hash Functions create security
- A type of a hash function
- Hash functions in Ethereum
- Cryptographic Hash Function – Summarize
3 Ways to store a password
1. Plain Text
The riskiest way of storing passwords is to write them down in plain text. If hackers get access to a company database, they get to see all the passwords. Because a lot of people have the bad habit of using the same password for multiple accounts, it’s likely that one password could lead to different accounts. You might think companies don’t store your password in plain text because it is too risky. But in reality, a lot of companies are doing it, and that creates a huge security risk.
2. Encryption
An alternative to plain text storage is encryption. Your passwords get encrypted before they are stored. This prevents hackers from reading your real passwords directly, but it is still risky. Underneath the encryption layer there is still a plain text password. So if the attacker manages to steal the encryption key, he can unlock all of your passwords. Encryption, therefore, works in two directions: it can encrypt your password but also decrypt it. This is practical when you want to share data in a secure way. But it is a risky way to protect your password.
3. Hash Function
A cryptographic hash function takes an input, such as a piece of text or a file, and turns it into an integer output that always has the same length. Hash functions are different from encryption because they only work in one direction. You can calculate the hash of a password, but you cannot take a hash and turn it back into the original data. With hashes, companies can verify that you are logging in with the correct password, without having to store your actual password.
You can compare hashes with fingerprints. It is not possible to identify the person unless you have seen their fingerprint before. However, hashes aren’t perfect either. Most hashing algorithms are optimized for speed, so the more hashes per second they can calculate, the better. That makes them vulnerable to brute force attacks. A hacker can therefore try to calculate the hash of every possible password and, in that way, reverse the hash function.
How Hash Functions create security
In a blockchain, a hash is a checksum derived from the block’s information. As we mentioned above, it is comparable to a digital fingerprint. In addition, each block also contains the checksum of the previous block. This creates a direct link between the blocks, making our blockchain tamper-proof: a subsequent change to an already documented transaction would cause all successive checksums to be incorrect. To trick the system, a hacker has to reverse the hash function by randomly trying inputs, and he needs to do this for every single block. So theoretically he can hack the system, but it’s practically impossible since nobody has that much computing power available.
A type of a hash function
There are lots of different types of cryptographic hash functions. The most important one for blockchain is SHA256. The number 256 refers to the length of the output, so SHA256 produces a 256-bit output, which is 64 characters long when written in hexadecimal. These are the basics for our easy explanation of cryptographic hash functions. But we think the following short excursion might help you even more.
Hash functions in Ethereum
In the Ethereum protocol, hash functions are part of the block hashing algorithm. They are used to write new transactions into the blockchain through the mining process. The inputs for the function are the most recent, not yet confirmed transactions, along with some additional inputs that you can read about in our Blockchain article.
Changing a small part of the input to a hash function results in a completely different output. This property is crucial to the Proof of Work algorithm involved in mining. If a miner wants to successfully solve a block, they try to combine all the inputs with their own input data. The goal is a hash that starts with a certain number of zeroes. Finding such a hash takes a huge amount of processing power, so new Ether gets mined over a long period. In order to earn Ether through mining, you need to put a lot of work into it. But as a result, all the new transactions get locked into a block. The miner then adds it to the permanent record of all previous transactions, forming a chain of blocks.
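The linking of blocks by checksum described under “How Hash Functions create security” and the search for a hash with leading zeroes described above can be seen together in a small Python model. This is an added example, not code from the original article or from Ethereum: the block layout, the difficulty of three hexadecimal zeroes and the sample transactions are assumptions made for illustration, and SHA256 is used because it is the function the article names.

```python
import hashlib
import json

DIFFICULTY = 3          # assumed toy difficulty: leading zero hex digits required
GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block

def block_hash(block):
    """SHA-256 over all fields of the block, including the previous hash."""
    payload = json.dumps(block, sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()

def mine(prev_hash, transactions):
    """Try nonces until the block hash starts with DIFFICULTY zeroes."""
    block = {"prev": prev_hash, "tx": transactions, "nonce": 0}
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    return block

def build_chain(tx_batches):
    """Mine one block per batch, each one storing the hash of its predecessor."""
    chain, prev = [], GENESIS_PREV
    for batch in tx_batches:
        block = mine(prev, batch)
        chain.append(block)
        prev = block_hash(block)
    return chain

def first_invalid(chain):
    """Index of the first block that fails verification, or None if all pass."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        digest = block_hash(block)
        if block["prev"] != prev or not digest.startswith("0" * DIFFICULTY):
            return i
        prev = digest
    return None

# Constructed sample transactions, not real data.
SAMPLE = [["alice->bob:5"], ["bob->carol:2"], ["carol->dave:1"]]

if __name__ == "__main__":
    chain = build_chain(SAMPLE)
    print("untouched chain, first invalid block:", first_invalid(chain))
    chain[0]["tx"] = ["alice->bob:500"]   # change an already recorded transaction
    print("after the change:", first_invalid(chain))
    chain[0] = mine(chain[0]["prev"], chain[0]["tx"])  # redo the work for block 0 only
    print("after re-mining block 0:", first_invalid(chain))
```

Redoing the work for the changed block only moves the failure to the next block, because that block still stores the old checksum. This is why every later block would have to be redone as well.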