Ever wondered that what hash is, you often come by while browsing web or reading stuff. Here is a simplified explanation.
Number Bases
A hash is just a number. A big number in Base 16. OK baby steps, we all know about base 10 which includes numbers we use everyday. 365 days in a year, dogs have 4 legs, there will be only 21,000,000 Bitcoins and so on. Digits of numbers in base 10(decimal numbers), can be 0, 1, 2, …, 9. A decimal number’s digit can be one of ten different number (starting from 0 to 9) hence the name base 10. There are more bases other than base 10. Numbers in base 2 include digits which can only be 0 or 1 so, consequently it is base “2”. There is base 3, base 4, base 5 and so on.
A hash is just a number in Hexadecimal, base 16 where digit “a” represents 10, “b” represents 11 and “f” 15.
In decimal numbers 0 is stands for 0, 1 is for 1 and so on. For numbers further than in base 10 we simply can not use 10 or 11 as digits. Instead we use letters through “a” to “f”.
So, when you see something like “a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e” which is defined as hash then you will know that it is just a number where letters “a” to “f” is used to represent the digits 10, 11, …, 15.
So how do we calculate these numbers and why do we need it?
A hash can be obtained through a series of mathematical calculations. All of these calculations are mathematical functions, a hash algorithm, a hash function…
A mathematical function, for example f(x) = 2x + 1, this function takes the input multiplies by 2 then adds 1 and we get an output from the function f(x).
1 → f(x): f(1) = 2(1) + 1 = 3
2 → f(x): f(2) = 2(2) + 1 = 5
f(5) = 11
f(19) = 39
A hash function is just like any other function, it is just a bit more complex. You put any data through hashing algorithm and you get an output, a digest, a message digest or simply, a hash.
By “any data” I mean any number. So you know that computers are all about “0”s and “1”s. Any text, any photograph file, any movie file… anything digital is just a number in base 2. For example the word “Hello” is actually a number “01001000 01100101 01101100 01101100 01101111” in base 2. When you upload a photograph to your social media account you actually send some big number in base 2. So, a hash function is like any other mathematical function takes a number and computes another number.
Note that hash functions and cryptographic hash(secure hash algorithms) functions are not the same thing. There are many cryptographic hash functions and they have some basic common properties.
Computationally Efficient: The time for a hash to be computed needs to be optimal. If it takes too long to calculate a hash then it will not be useful. Also, if it is too quick then it will not be secure.
Fixed Length: Regardless of the length(or size) of data used to calculate hash, output(hash) has a fixed length depending on the hash algorithm used.
Here is the hash of word “Hello!” using SHA256:
“334d016f755cd6dc58c53a86e183882f8ec14f52fb05345887c8a5edd42c87b7”
And here is the hash of movie file:
“c5d817b7808884e8e2ef4ade291c5a3cb5ed84c86f9010fab29c64b7c1533603”
Preimage Resistant (Irreversibleness): A hash computed by a secure hash algorithm needs to be irreversible which means original input or any part of it can not be obtained by using output. Just making the first character lowercase is completely changes the hash like it is something entirely different and this provides irreversibleness.
“Hello!”: 334d016f755cd6dc58c53a86e183882f8ec14f52fb05345887c8a5edd42c87b7
And for “hello!”: ce06092fb948d9ffac7d1a376e404b26b7575bcc11ee05a4615fef4fec3a308b
See that even making a letter lower case changes the output completely as if it's input is entirely different.
Deterministic: A hash may seem like random characters but it is not. It will produce same hash for a certain data over and over whenever or wherever you try.
Collision resistant: Secure hash algorithms need to be collision resistant for it to be “secure” that is two different data should not collide by producing same hash hence the term “hash collision”. There can only be just one unique number for a certain input(any data, can be a text, a complete book or a computer file). Because it safe to say that a cryptographic hash is like a DNA or a fingerprint of the input. Actually, in reality cryptographic hashes are not unique and will not be in any time soon but they are close enough.
Here are some of the cryptographic hash functions and hashes of the input for “Hello World”. (You could have just use your favorite song as a mp3 file for input.)
SHA-256
SHA-256 is series of cryptographic hash functions designed by the NSA and widely used as of writing. Let’s take a look at some SHA-256 hash examples:
"a" ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb
"A" 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
"Be kind to all living things" 3e759140c4a4ba8a9839c2a22e3d2bfba196944968e44eba22bf5d86c920194a
"Be kind to all living things!" 55d71c4ff6894866783087c0346928e27e8d06f27f3d5299cbe2effef5589f91
[samplephoto.jpg] (An actual JPG file)
41f13e74218849855a2d72ac6d9966ee1b9f96240c4db8e635684bffca0685aa
There are tons of websites where you can type any text or browse and select a file and convert it to hash. Just use your favorite search engine.
As you see even a tiny change, an exclamation mark at the end or just making a character upper case completely changes the hash. With a tiny change in input, output can change entirely. You can even put a complete book or any file of any size, in this case a photo file through hash algorithm. It does not matter how much data you put in, hash will always have a fixed length which is 64 characters i.e. 32 bytes. It never changes. And you can not just take a hash and figure out the original message or any part of it. It could just be a letter or a number or complete series of Star Wars in 4K.
What are hashes for?
So, we now have a grasp of what a hash is and how it is obtained let’s take a look at where do we use them and how it is tied to the Bitcoin and cryptocurrencies.
Let’s assume you are logging in to your guild account.
Login: dindjarin@thisistheway.credits
Password: wohooihaveajetpack
Probably the website does have a file for users like that:
mailaddress : password hash
dindjarin@thisistheway.credits : 0f9a30bc434352e7e2e17d37f3d89caf7aec29d8039970eab897f19dad3fb38f
Because, even if a hacker hacks the guild database all he/she will have a file of hashes instead of passwords which is useless.
When you try to login a website, it automatically converts your password into a hash through a hash function and compares the hash when you hit the “login” button that are stored in their servers. If it matches than you are logged in and if it does not you get an error message “Wrong user id or password” or something like that.
Or let’s say you are transferring a file and you have the hash of the file. After the transfer competes you can put the file (which is a number, just wanted to remind you one last time) through the hash function and see that if it is legit or the file is altered in any way. Instead of comparing two files character by character, you can check the hashes and see if they are equal.
Or you can use it create data blocks chained to each other.
Thank you for reading. I hope, you enjoyed it and/or it helped you somehow.
Have a nice day :)