Applications of Hash Functions
Look at the various applications of hash functions and their security requirements.
We now look at three examples of applications of hash functions, each one requiring a different security property.
Application requiring preimage resistance
Hash functions provide a simple and widely adopted way of implementing password storage protection. The idea is to store the passwords in a password file in ‘disguised’ form to be checked. Yet, anyone who gains access to the password file (including the system administrator) cannot recover the passwords themselves. In this application, a hash function provides an unusual type of confidentiality for stored data. The unusual aspect is that the data itself (the password) never needs to be recovered. As a result, this type of confidentiality can be provided by a cryptographic primitive, which doesn’t use a key.
In advance of a logon attempt, a user’s identity is stored in the password file next to the result of passing the user’s password through a hash function . In other words, the password file consists of a table of pairs of the form . Note that the passwords themselves are not stored in the password table.
The password-based log-on process for a user attempting to access resources on a device, which we discuss later at a greater length, is depicted in the illustration below and operates as follows:
-
The user enters an identity when prompted by the log-on screen.
-
The user enters a password when prompted by the log-on screen.
-
The authentication application running on the device inputs the password to the hash function and computes .
-
The authentication application running on the device looks up the table entry in the password file corresponding to identity and compares the stored value of the hashed password with the value that it has just calculated in step 3. If the entries match, then the user is authenticated. Otherwise, the user is rejected.
Get hands-on with 1200+ tech skills courses.