Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Start a free Courses trial
to watch this video
What goes into a great hash?
Hashing is a one-way street; data that has been hashed cannot be unhashed. Some hashing algorithms, though, have been compromised through what's known as hash collisions. This is where two different inputs can generate the same hash. More damaging are chosen-prefix collision attacks, where attackers can use a known part of a document to generate a hash that matches another, valid document. Using this, they can spoof encryption keys and other symmetrically-encrytped documents.
To combat both of these, we add salts to our hashes and use hashing algorithms that either have no known (yet) collisions or stress the machines used to compute them. Both of these techniques can dissuade attackers.
Shattered
I misspoke in the video and said the SHA-1 collision detection came out of Adobe. It was actually discovered at Google by Project Zero/Google Research Security. You can find out more here.
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up