1 00:00:06,440 --> 00:00:08,220 - Encryption has been part 2 00:00:08,220 --> 00:00:11,030 of signals intelligence for quite some time. 3 00:00:11,030 --> 00:00:12,320 Caesar cipher, 4 00:00:12,320 --> 00:00:15,940 Vigenère cipher, ROT-13, et cetera. 5 00:00:15,940 --> 00:00:18,270 If there's a secret you want protected, 6 00:00:18,270 --> 00:00:19,870 encrypt it. 7 00:00:19,870 --> 00:00:22,720 One-way hashing is not encryption 8 00:00:22,720 --> 00:00:26,640 but it is used to protect passwords. 9 00:00:26,640 --> 00:00:29,180 While not reversible, hashing algorithms 10 00:00:29,180 --> 00:00:31,730 were designed to be computed quickly. 11 00:00:31,730 --> 00:00:35,400 So you can compute many hashes from a dynamic source 12 00:00:35,400 --> 00:00:39,490 like a word list or permutations, brute force 13 00:00:39,490 --> 00:00:42,493 and compare the results to find a match. 14 00:00:44,370 --> 00:00:47,470 Let's take a look at how hashing works. 15 00:00:47,470 --> 00:00:50,323 We first start with cleartext like pearson. 16 00:00:51,380 --> 00:00:53,630 We send it through a hash function, 17 00:00:53,630 --> 00:00:56,760 in this case, we're using MD5. 18 00:00:56,760 --> 00:00:58,740 As the hash function applies 19 00:00:58,740 --> 00:01:01,300 a one-way hashing algorithm, 20 00:01:01,300 --> 00:01:03,790 the output of the function is a string 21 00:01:03,790 --> 00:01:06,120 of characters that is unique 22 00:01:06,120 --> 00:01:10,290 to that specific cleartext that we input. 23 00:01:10,290 --> 00:01:12,140 Now this string can be used 24 00:01:12,140 --> 00:01:14,850 in different ways to verify the integrity 25 00:01:14,850 --> 00:01:17,280 of cleartext that was provided. 26 00:01:17,280 --> 00:01:18,560 For instance, 27 00:01:18,560 --> 00:01:20,980 if a cleartext email is sent through 28 00:01:20,980 --> 00:01:22,600 a hash function 29 00:01:22,600 --> 00:01:24,290 by the sender 30 00:01:24,290 --> 00:01:27,560 and the hash was provided to the recipient 31 00:01:27,560 --> 00:01:29,040 they can use it to verify 32 00:01:29,040 --> 00:01:31,373 that the email was not changed in transit. 33 00:01:33,280 --> 00:01:36,890 So in this demo, I want to just show you a really quick 34 00:01:36,890 --> 00:01:41,450 and easy way to generate a hash of cleartext 35 00:01:41,450 --> 00:01:44,730 just like we did in the previous slides. 36 00:01:44,730 --> 00:01:47,440 Of course, we're not gonna use MD5 37 00:01:47,440 --> 00:01:48,530 because today 38 00:01:48,530 --> 00:01:51,290 we have better algorithms for hashing, 39 00:01:51,290 --> 00:01:52,983 like SHA-256. 40 00:01:53,820 --> 00:01:55,630 So what I'm gonna show you here is 41 00:01:55,630 --> 00:01:58,780 how to do this from the colleague command line. 42 00:01:58,780 --> 00:02:01,253 What you would do is type echo, 43 00:02:04,690 --> 00:02:06,320 then type in your cleartext 44 00:02:07,330 --> 00:02:12,330 and simply pipe it over to the SHA-256 sum command. 45 00:02:14,820 --> 00:02:16,510 And we can see here, 46 00:02:16,510 --> 00:02:20,370 it spits out a long set of characters. 47 00:02:20,370 --> 00:02:23,713 That's our hash of the cleartext word pearson. 48 00:02:24,920 --> 00:02:28,743 If we run it again, we see it's the same hash. 49 00:02:29,740 --> 00:02:32,890 This is the way that a hashing algorithm works. 50 00:02:32,890 --> 00:02:36,250 It should always be the same unless it was modified. 51 00:02:36,250 --> 00:02:40,040 So if we were to say, 52 00:02:40,040 --> 00:02:44,290 add a one to pearson, run it through again, 53 00:02:44,290 --> 00:02:45,970 the hash should change. 54 00:02:45,970 --> 00:02:49,670 As you can imagine, this is how hashing can be used 55 00:02:49,670 --> 00:02:54,363 for things like email integrity validation.