Hashing and Salting

Hashing and salting are cryptographic techniques commonly used to protect sensitive data, particularly passwords, in software systems.


Hashing

Hashing is the process of converting data into a fixed-length string of characters through a hash function. It is a one-way process: the original value cannot easily be recovered from the hash. Common hash functions include SHA-256 and MD5.

Hashing is widely used to ensure data integrity. For example, the hashed password is stored in a system database. When a user logs in, the input password is hashed and compared with the stored hash in the database. This ensures password integrity.

However, hashing alone is not sufficient for password storage because attackers can use techniques like rainbow tables (precomputed tables for reversing hash functions) to find matches and crack weak hashes. To add extra randomness, the salting technique is introduced.


Salting

Salting is a technique used to add extra randomness to the input before hashing to make attacks more difficult. A salt is a random string added to a password before it is hashed. This ensures that even if two users have the same password, their hashes will be different due to the unique salt values.

By adding a random salt value to the data before the hashing process, it becomes harder for attackers to guess the original password.


Hashing and Salting with Python


