Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Please explain! Sometimes, for security issues, a salt is added to the key before it is hashed. Salting your hashes means to sprinkle in something

Please explain!image text in transcribed

Sometimes, for security issues, a salt is added to the key before it is hashed. Salting your hashes means to "sprinkle" in something with your key to change the final hash. One application is when storing passwords. Years ago, servers would store your password so that when you logged in, they could check if it was correct. Now, in case they get hacked, they don't store your password. Instead, they store a hash of your password. Then, when you enter your password, they do the hash function on it and see if the resulting hash matches the hash they have on file. However, this still causes a security issue if they get hacked. If two users had the same password, then they would have the same hash. So if one password had been compromised, the hackers would know everyone else who had the same password. This is avoided by "salting" the hashes with additional information, usually the username. Consider the following username and password key-value pairs (each five characters): {{cool5, passl},{user2, passl},{guy27, 12345},{itsme, xyzzz},{user3, 12345},{baker, passl}} Consider that these passwords are "salted" with the last character of the user name. So the first password that is stored would be the hash of "5passl" and the second password that is stored would be the hash of "2pass1". (Note, this example just shows the concept. In practice, salts and hashes are more complex.) To hash the salted passwords, convert each character (including numerical digits) to its ASCII code. Then add the ASCII code for each character together into one final number, but only keep the 8 least significant bits. For example, "Spass1" would convert to: 5: 00110101 p: 01110000 a: 01100001 s: 01110011 s: 01110011 1: 00110001 Total: 00011101 That will be the "password hash" that will be the "value" stored in the hash table. The key remains unchanged and is the username. So for the first user, the key value pair would be {cool5, 00011101}. Create a Hash Table of size n = 10. To put items in the table, we need our "address hash" to get the index. For the address hash, take the first character of the username. If it is a numerical digit, use that digit as the index. If it is a alphabet character, use its order in the alphabet % n as the index ('a' is 0, 'b' is 1, 'c' is 2 ...). For example, user "cool5" would go to index 2 if it is available. Insert each of these key-value pairs in order into the hash table. The key is the username. The value is the salted hash. The index uses the address hash based on the username. To handle collisions, use chaining with linked lists, with the first node in the array. index key (user) value (salted) 0 cool5 00011101 2 3 4 5 6 7 8 9 Sometimes, for security issues, a salt is added to the key before it is hashed. Salting your hashes means to "sprinkle" in something with your key to change the final hash. One application is when storing passwords. Years ago, servers would store your password so that when you logged in, they could check if it was correct. Now, in case they get hacked, they don't store your password. Instead, they store a hash of your password. Then, when you enter your password, they do the hash function on it and see if the resulting hash matches the hash they have on file. However, this still causes a security issue if they get hacked. If two users had the same password, then they would have the same hash. So if one password had been compromised, the hackers would know everyone else who had the same password. This is avoided by "salting" the hashes with additional information, usually the username. Consider the following username and password key-value pairs (each five characters): {{cool5, passl},{user2, passl},{guy27, 12345},{itsme, xyzzz},{user3, 12345},{baker, passl}} Consider that these passwords are "salted" with the last character of the user name. So the first password that is stored would be the hash of "5passl" and the second password that is stored would be the hash of "2pass1". (Note, this example just shows the concept. In practice, salts and hashes are more complex.) To hash the salted passwords, convert each character (including numerical digits) to its ASCII code. Then add the ASCII code for each character together into one final number, but only keep the 8 least significant bits. For example, "Spass1" would convert to: 5: 00110101 p: 01110000 a: 01100001 s: 01110011 s: 01110011 1: 00110001 Total: 00011101 That will be the "password hash" that will be the "value" stored in the hash table. The key remains unchanged and is the username. So for the first user, the key value pair would be {cool5, 00011101}. Create a Hash Table of size n = 10. To put items in the table, we need our "address hash" to get the index. For the address hash, take the first character of the username. If it is a numerical digit, use that digit as the index. If it is a alphabet character, use its order in the alphabet % n as the index ('a' is 0, 'b' is 1, 'c' is 2 ...). For example, user "cool5" would go to index 2 if it is available. Insert each of these key-value pairs in order into the hash table. The key is the username. The value is the salted hash. The index uses the address hash based on the username. To handle collisions, use chaining with linked lists, with the first node in the array. index key (user) value (salted) 0 cool5 00011101 2 3 4 5 6 7 8 9

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Financial Statement Fraud Strategies For Detection And Investigation

Authors: Gerard M. Zack

1st Edition

1118301552, 9781118301555

More Books

Students also viewed these Accounting questions

Question

=+and show that the infimum and supremum are always achieved.

Answered: 1 week ago