Skip to content

Instantly share code, notes, and snippets.

@Atlas7

Atlas7/demo.md

Last active October 16, 2018 17:29
Show Gist options
  • Save Atlas7/d9d8f26725ef40f117d2 to your computer and use it in GitHub Desktop.
Save Atlas7/d9d8f26725ef40f117d2 to your computer and use it in GitHub Desktop.
Download ZIP
Udacity - Web Development - Hashing with iPython - Demo
Raw
demo.md

Learnt about Hashing via Udacity Web Development CS253 Course. Some notes...

What is hashing

Hashing is good for:

  • encrypting clear-text messages.
  • verifying files.

Use case

  • Say we want to store a password called "hello world".
  • It is unsafe to store "hello world" as a clear text on the database.
  • It is better to store it as a hashed value.
  • `HashValue = aFunction("text-string")
  • For example, HashValue for "hello world" with SHA256 algorithm is b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
  • i.e. given a text-string, we can compute a HashValue easiily. The reverse is however designed to be VERY HARD.
  • changing the "text-string" slightly will significantly vary the HashValue. For example: HashValue for "hello world0" with SHA256 algorithm is f9684703170819cff074d756ac8f7e44cb82c8638c51ea05e359425441100e6d (which looks totally different to the one we computed for "hello world").
  • Say we have stored the hashed password, we can do a logic test like this (pseudocode):
IF hashValue of passwordEntered AND hashValue of userNameEntered MACHES the ones stored on database
  THEN authorized
ELSE
  not authorized

For file veriication we, the logic is similar:

IF hashValue of the fileSent MACHES hashValue of the fileReceived
  THEN verified
ELSE
  not verified

Hashing Algorithms - Trade-off Speed vs Security

some-hash-options

Use iPython to hash

Simple hashing scripts to demo hashing a string with some common pre-built hashing algorithms.

Chuns-MacBook-Pro:~ johnny$ ipython
Python 2.7.10 |Anaconda 2.4.0 (x86_64)| (default, Oct 19 2015, 18:31:17) 
Type "copyright", "credits" or "license" for more information.

IPython 4.0.0 -- An enhanced Interactive Python.
?         -> Introduction and overview of IPython's features.
%quickref -> Quick reference.
help      -> Python's own help system.
object?   -> Details about 'object', use 'object??' for extra details.

In [1]: import hashlib

In [2]: hashlib.
hashlib.algorithms             hashlib.md5                    hashlib.sha1                   hashlib.sha384                 
hashlib.algorithms_available   hashlib.new                    hashlib.sha224                 hashlib.sha512                 
hashlib.algorithms_guaranteed  hashlib.pbkdf2_hmac            hashlib.sha256                 

In [2]: hashlib.md5("hello world").hexdigest()
Out[2]: '5eb63bbbe01eeed093cb22bb8f5acdc3'

In [3]: hashlib.sha1("hello world").hexdigest()
Out[3]: '2aae6c35c94fcfb415dbe95f408b9ce91ee846ed'

In [4]: hashlib.sha256("hello world").hexdigest()
Out[4]: 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9'

In [5]: hashlib.sha512("hello world").hexdigest()
Out[5]: '309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment