Hashing2:31 with Kenneth Love
What goes into a great hash?
Hashing is a one-way street; data that has been hashed cannot be unhashed. Some hashing algorithms, though, have been compromised through what's known as hash collisions. This is where two different inputs can generate the same hash. More damaging are chosen-prefix collision attacks, where attackers can use a known part of a document to generate a hash that matches another, valid document. Using this, they can spoof encryption keys and other symmetrically-encrytped documents.
To combat both of these, we add salts to our hashes and use hashing algorithms that either have no known (yet) collisions or stress the machines used to compute them. Both of these techniques can dissuade attackers.
I misspoke in the video and said the SHA-1 collision detection came out of Adobe. It was actually discovered at Google by Project Zero/Google Research Security. You can find out more here.
You need to sign up for Treehouse in order to download course files.Sign up