From e00f8f1d1ec2cf4b57eccdff8d0b1d1bad52bcc3 Mon Sep 17 00:00:00 2001 From: shockrahwow Date: Tue, 22 Oct 2019 10:49:01 -0700 Subject: [PATCH] notes about hash security --- 312/notes/hash.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/312/notes/hash.md b/312/notes/hash.md index c1dbe23..8bc362c 100644 --- a/312/notes/hash.md +++ b/312/notes/hash.md @@ -24,3 +24,15 @@ In English: _Only inputs can find outputs, not the other way around._ * Two-way property/ Collision-free Property **2** identical data inputs will map to the same output + +## What does a hash provide? + +* Integrity checks + +* Message Digest / Authentication + +_Hashes are not secure ffs_. When we say authentication we really mean that we are checking to ensure there has been no changes to the original message. +_NOTE:_ this really doesn't guarantee anything in communications susceptible to man-in-the-middle attacks. + +Let's get real for minute: Think of it this way a message is like a car and the key is our hash. If the key doesn't fit in the slot then its not our car, **but** if we sent our car + key oversees whoever steals the car + key has full control and we lose security effectively. Using SSL is _kinda_ like putting that car + key combo in a box that nobody except the recipient can open. +