Question

Provide one real world example where hashing was used as a security measure. Be sure to provide a source to validate your example. After you have provided an example you are to answer two questions: 1: Why did hashing work as a security measure in this instance? 2: What could have been done to defeat the hashing by hackers?

Answer 1

In real Life Hashing And Hash tables will used in following applications:

#Signature generation and verification

#Password verification

#File or data identifier from large Databases.

1.For Security mesures in this Password Varifications : Password verification commonly relies on cryptographic hashes. Storing all user passwords as Plain text which can result in a massive security breach if the password file is compromised or currepted. One way to reduce this danger is to only store the hash value of each password. To authenticate a user, the password presented by the user is hashed and compared with the stored hash. A password reset method is required when password hashing is performed; original passwords cannot be recalculated from the stored hash value.

Standard cryptographic hash functions are designed to be computed quickly, and, as a result, it is possible to try guessed passwords at high value. Common graphics processing units can try billions of possible passwords each second. Password hash functions that perform Key stretching - such as PBKDF2, scrypt or Argon2 - commonly use repeated invocations of a cryptographic hash to increase the time and in some cases computer memory required to perform brute force attacks on stored password hash digests. A password hash requires the use of a large random, non-secret salt value which can be stored with the password hash. The salt randomizes the output of the password hash, making it impossible for an adversary to store tables of passwords and precomputed hash values to which the password hash digest can be compared.

The output of a password hash function can also be used as a cryptographic key. Password hashes are therefore also known as Password Based Key Derivation Functions -PBKDFs.

2. To defeat hashing by Hackers:-

-That's no reason to up and surrender to would-be attackers, though.Getting off perfect security is extremely difficult to achieve.

-Traditionally, defending against a PTH (pass the hash) attack has been reactionary, entailing figuring out how the attackers got in your network, fixing the holes, kicking out the attackers, changing all passwords, and working hard to prevent it from occurring again.

- Need to change or Update All Password withing 2-3 weeks.

- clear call cookies and catches day by day.

- Use Two step authentication with banking , mailing sites.

These are the main steps to defeat hackers from hashing with your data.