WEBVTT

00:00.290 --> 00:06.480
When we talk about cryptography, we tend to only think about one part of the CIA of security.

00:06.550 --> 00:11.110
Remember, CIA stands for confidentiality, integrity, and availability.

00:11.130 --> 00:15.490
So when we talk about cryptography, we tend to concentrate on confidentiality.

00:15.510 --> 00:16.830
Right, we're encrypting stuff.

00:16.940 --> 00:18.870
Well, that's not always the case.

00:18.870 --> 00:25.710
Well, I want to talk about right now something called hashing. A hash provides integrity when it comes

00:25.710 --> 00:27.290
to the CIA of security.

00:27.290 --> 00:33.580
Now we don't encrypt with the hash, we make things integrity-fied.

00:33.600 --> 00:37.040
I'm going to stick to that word because that's now part of the Webster's dictionary.

00:37.320 --> 00:40.080
So let me explain how a hash works.

00:40.080 --> 00:42.620
The idea behind a hash is that it is an algorithm.

00:42.620 --> 00:47.910
That's why I got my algorithm machine here, and it doesn't encrypt. What it will do is it will take an

00:48.030 --> 00:57.010
arbitrarily large amount of data, and you take that data and you run it through, and it comes out in a

00:57.010 --> 00:59.650
fixed value every time.

00:59.650 --> 01:03.610
So if I have a five-letter input, it's going to come out

01:03.670 --> 01:11.140
at whatever size the hash is. If I have a 300 billion byte input, it's always still going to come

01:11.140 --> 01:12.610
out this size.

01:12.610 --> 01:15.160
Now at first glance you'd say, "Well Mike, what am I going to do with that?"

01:15.160 --> 01:17.500
Well, there's a couple of things about hashes that are cool.

01:17.500 --> 01:20.200
Number one, hashes are one way.

01:20.200 --> 01:27.400
If I generate this and I create a hash, there is no way, it is impossible to figure out what the actual

01:27.400 --> 01:29.050
original data was.

01:29.050 --> 01:32.240
The other thing that's cool about a hash is that it's deterministic.

01:32.270 --> 01:35.590
So look at this, it starts with 1a6.

01:35.590 --> 01:36.410
Got it.

01:36.730 --> 01:42.100
So I take this document, and it doesn't have to be a document, it could be an image, it doesn't matter as

01:42.100 --> 01:43.580
long as it's ones and zeros.

01:43.630 --> 01:50.710
And if I could take all knowledge known to man from the beginning of mankind and put it into a big Word

01:50.710 --> 01:58.300
document and I could go to page 405 million twenty seven thousand six hundred twenty two and I could

01:58.300 --> 02:04.030
go in there and change one letter, one letter change, so this upper case, I could change it to a lower case

02:04.030 --> 02:11.590
c, and if I take that value and I run it through a hash algorithm, it's going to come out with a completely

02:11.740 --> 02:13.330
different value.

02:13.330 --> 02:19.530
So hashes are a very good way to say this is the data from which I got.

02:19.540 --> 02:25.480
So for example, if I'm downloading a big executable file, I can run a hash on it and compare it to the

02:25.480 --> 02:29.980
hash value that's up on the website, and then that way, if it didn't come down right or something, I could

02:29.980 --> 02:37.960
clearly and very explicitly know that this is the right value. So hashes are something we use all over

02:37.960 --> 02:43.410
the place within the world of cryptography. So that's the basics of a hash.

02:43.400 --> 02:49.180
Now for the Security+, there are lots of hashes. Hashes have been going around for a long, long time,

02:49.450 --> 02:51.820
and we have a lot of different versions of them.

02:51.850 --> 02:57.010
They all have different size outputs, or what we call a message digest. They're all the same word.

02:57.010 --> 03:02.890
And what I want to do right now is just take a minute and let's run through the different types of hashes

03:02.890 --> 03:09.420
that you're going to see on Security+. There are a zillion types of hashes out there, but luckily

03:09.420 --> 03:14.390
for us, we can break down what you need to know for the Security+ into three groups.

03:14.520 --> 03:21.750
First is called Message Digest version 5, better known as MD5, and MD5 is the grandpa of hashes.

03:21.750 --> 03:23.750
It's been around since the early 90s.

03:23.790 --> 03:29.940
It was invented by Ron Rivest of RSA fame, and it's been used for years and years and years and years.

03:29.940 --> 03:35.920
The important thing to remember about MD5 is that it uses a 128-bit hash.

03:36.090 --> 03:41.140
Now MD5 is a great one, but they found a little problem with it, and I'll explain that in just a moment.

03:41.340 --> 03:47.110
The second type of hash I want you to be aware of is the Secure Hash Algorithm, better known as SHA.

03:47.160 --> 03:51.930
And this is a family of hashes that were developed by the National Institute of Standards here in the

03:51.930 --> 03:57.230
U.S. Technically they're still being developed. The earliest version of SHA that you're going to see

03:57.300 --> 04:00.410
on the Security+ is called SHA-1.

04:00.420 --> 04:04.350
Now SHA-1 has a 160-bit hash.

04:04.350 --> 04:05.490
Now here's the problem.

04:05.490 --> 04:12.000
Both MD5 and SHA-1 have the ability to generate what we call collisions.

04:12.000 --> 04:13.400
Let me explain that.

04:13.860 --> 04:19.470
A collision simply means when you take two different types of data and generate the same hash.

04:19.680 --> 04:27.070
If you can force a hash to make occasional collisions, it can often be figured out how the hash works.

04:27.180 --> 04:28.460
And that is a naughty naughty thing.

04:28.470 --> 04:29.500
We don't like that.

04:29.760 --> 04:34.560
So neither MD5 nor SHA-1 are used that commonly anymore.

04:34.620 --> 04:41.070
If you're talking about hashes that are being used today for websites and all kinds of stuff, we're talking

04:41.070 --> 04:48.200
about SHA-2. Now SHA-2 is not just one type of hash. SHA-2 is broken down into different types

04:48.200 --> 04:49.870
based on the length of the hash.

04:49.980 --> 04:56.740
So we don't say SHA-2. What we will say, though, is SHA-256 or SHA-512.

04:56.820 --> 05:01.120
So you could see that these big long hashes are much less prone.

05:01.170 --> 05:03.300
In fact no one's made a collision with them yet.

05:03.300 --> 05:05.530
Knock on wood.

05:05.680 --> 05:07.780
The last type of hash I want to talk about,

05:07.960 --> 05:09.480
it's mentioned on Security+,

05:09.500 --> 05:11.420
let me bring it up, is RIPEMD,

05:11.440 --> 05:16.620
and that stands for RACE Integrity Primitives Evaluation Message Digest.

05:16.840 --> 05:20.220
Now this is not a real common hashing algorithm.

05:20.230 --> 05:25.690
It's nice because it's an open standard that everybody can check it out, but it's just not used that much.

05:25.690 --> 05:30.010
Nothing really wrong with it, it's just that everybody likes SHA-2 these days. But do be aware for the

05:30.010 --> 05:40.000
test that RIPEMD comes in 128, 160, 256 and 320 bit versions, and you will be tested on every one of

05:40.000 --> 05:46.700
these on the Security+. Yep, that is a lot of hashes you need to memorize, my friends.

05:46.700 --> 05:53.000
Not only do you need to memorize the different names of each hash but make sure you know the size of

05:53.000 --> 05:59.470
the hash, because the Security+ loves to hash on that. Sorry, OK, I'll keep my day job.

05:59.510 --> 06:04.520
Now people will ask me, especially if they've just been exposed to this,

06:04.520 --> 06:06.260
what do we do with hashes?

06:06.260 --> 06:11.300
The easier answer is, within the world of cryptography, you would be hard pressed to find a place where

06:11.300 --> 06:13.240
we don't use hashes.

06:13.250 --> 06:14.300
Some great examples.

06:14.300 --> 06:16.870
Example number one: password storage.

06:16.940 --> 06:23.450
Most operating systems never store your passwords. So you type in a password, at it at it, and you hit

06:23.450 --> 06:28.550
enter and the password is saved onto the hard drive only as its hash.

06:28.550 --> 06:34.460
So when you type in your password to log into something, it goes ahead and hashes it and compares it

06:34.460 --> 06:36.700
and says, oh, you typed in the right password.

06:36.890 --> 06:44.780
We use hashes on virtually every type of encryption and authentication known to man. We use hashes everywhere.

06:44.780 --> 06:49.350
So what I want right now is you only need to memorize the different types of hashes.

06:49.460 --> 06:54.170
Starting from here and going through the rest of this course, we're going to be seeing hashes over and

06:54.200 --> 07:02.200
over again.
