密码学哈希函数_哈希函数在密码学中的应用

密码学哈希函数

A Hash Function is a mathematical function that converts a numerical value into another compressed numeric value. The input value for the hash functions can be of arbitrary length, but the output text that it will produce will always be of fixed length.

哈希函数是一种数学函数，可将数字值转换为另一个压缩数字值。哈希函数的输入值可以是任意长度，但是它将产生的输出文本始终是固定长度。

哈希函数的属性 (Properties of Hash Functions)

Compressed output
压缩输出
Fixed Length Output
定长输出
Pre-Image Resistance
像前电阻
Second pre-Image Resistance
二次成像前电阻
Collision Resistance
耐碰撞

应用程序和哈希函数 (Applications and of the hash functions)

Password storage:

密码存储：

Due to the pre-Image resistance and collision resistance property, the hash functions are ideal to use for storing the passwords. Therefore, the values that are stored in the database are the user-Id in its original form and the hash value of the password. Therefore, whenever you enter the Id and password into a system, it searches for the user-Id, if available, it matches the hash values of the entered password and the password that is already there in the database. If both are the same, then access is granted.

由于具有前图像抗性和抗碰撞性，因此哈希函数非常适合用于存储密码。因此，存储在数据库中的值是原始形式的用户ID和密码的哈希值。因此，每当您将Id和密码输入系统时，它都会搜索user-Id(如果可用)，它将与输入密码的哈希值和数据库中已经存在的密码匹配。如果两者相同，则授予访问权限。

This provides:

提供：

Authentication:
认证方式 ：

Whenever the user enters the id and password, the id is matched with the one with the present in the database, and the password entered is then and there converted into its hash value and is compared with that stored in the database.
每当用户输入ID和密码时，ID就会与数据库中存在的ID进行匹配，然后将输入的密码转换为哈希值并与数据库中存储的哈希值进行比较。
Provides high-level security:
提供高级安全性 ：

The hash function technique provides extreme level security, because even if the hacker or attacker is successful in breaking into the system’s database, all he gets is the user-Id and the hash value of the password, and getting the original password form this hash value is almost impossible.
哈希函数技术提供了最高级别的安全性，因为即使黑客或攻击者成功闯入系统数据库，他得到的只是用户ID和密码的哈希值，并从该哈希值获取原始密码几乎是不可能的。

Fig. The storage and Authentication methods for Id passwords.
Reference link: https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwi-vZHc4fXmAhWgIbcAHb5JBfgQjRx6BAgBEAQ&url=https%3A%2F%2Fwww.darkreading.com%2Fsafely-storing-user-passwords-hashing-vs-encrypting%2Fa%2Fd-id%2F1269374&psig=AOvVaw1p7DLjEAMSySYPZaaUqO_c&ust=1578633364016737

图：Id密码的存储和身份验证方法。
参考链接：https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&ved=2ahUKEwi-vZHc4fXmAhWgIbcAHb5JBfgQjRx6BAgBEAQ&url=https%3A%2F%2Fwww.darkreadinglytoring.com -passwordshashing-vs-encrypting％2Fa％2Fd-id％2F1269374＆psig = AOvVaw1p7DLjEAMSySYPZaaUqO_c＆ust = 1578633364016737

Data Integrity check:

数据完整性检查：

To maintain the data integrity, the sender sends both the message and its hash value to the user. The Receiver then checks whether the hash value of the message is the same as the hash value sent by the sender. This ensures that no modification has been done in the data while being transmitted. This process of integrity checks can be seen in email systems, messaging applications, etc. However, as everything takes place in the back-end, the user cannot identify this process.

为了保持数据完整性，发送方将消息及其哈希值发送给用户。然后，接收方检查消息的哈希值是否与发送方发送的哈希值相同。这样可以确保在发送时未对数据进行任何修改。完整性检查过程可以在电子邮件系统，消息传递应用程序等中看到。但是，由于一切都在后端进行，因此用户无法识别此过程。

Digital Signature:

电子签名：

A signature is usually used to bind signatory to the message. The digital signature is thus a technique that binds a person or the entity to the digital data. This binding ensures that the person sending the data is solely responsible for being for it and this binding can be verified by the receiver and the third party. This digital signature is also stored using hash functions so that no one’s signature can be stolen and be misused.

签名通常用于将签名者绑定到消息。因此，数字签名是将个人或实体绑定到数字数据的技术。此绑定确保发送数据的人对此负全责，并且此绑定可以由接收方和第三方验证。此数字签名也使用哈希函数存储，因此任何人的签名都不会被盗用或滥用。