One of the most basic concepts in security… errr… I mean battling 1337 hackers is the CIA Triad which stands for Confidentiality, Integrity and Availability. Today we’re going to breakdown Integrity and more specifically what is gained from hashing.
First lets tackle what Integrity is. Imagine you are in a classroom trying to pass a note to your friend. There is a problem in that there are a number of students between you and your friend. The note must travel from student to student until it reaches your friend. How does your friend know that the message in the note has not been tampered with when he receives it? Integrity, as a concept, is about maintaining accuracy while data in transit or in rest.
Hashing is a technique for verifying integrity. Hashing uses 1-way algorithms to turn a variable amount of data into a fixed amount of data. In other words, hashing can turn a sentence into a block of numbers. A good hashing algorithm will create a unique block of numbers for every unique sentence. In the classroom example, you and your friend could agree on a hashing algorithm, hash your message using the algorithm and write the hash along with your message on the note. When your friend receives the note, they can use the same hashing algorithm to hash the message given to them and if the hash is different from the hash provided, theye knows the message has been changed.
Hashing is used to confirm integrity for everything from data within protocols to passwords stored in your OS.