What is Cryptography?
Put simply, cryptography is the art of protecting your data. It’s much more than this, but for the purpose of keeping things simple, this article explains how websites may use cryptography to keep your login credentials secure.
You’ll find that cryptography has become a part of your daily life, probably without you ever being aware of it. Systems like ATM cards take advantage of cryptography to keep your account information and access secure.
Encryption is the process of taking ordinary (usually user-supplied) information, called plaintext, and converting it into unintelligible text, known as ciphertext. On the web and of course in other systems, computer-based or otherwise, encryption is used to store sensitive data in a manner that makes it difficult for an unauthorised system (person or computer) to understand.
When talking about encryption you can split encryption types into two groups: 1-way encryption, commonly referred to as a hash function, and 2-way encryption.
1-way encryption produces output that’s known as a hash code, which once converted can’t be converted back into plaintext (not accurately at least; this is described in more detail below). This form of encryption is commonly used to store passwords for website logins. It offers the owner of a website one of the best ways to provide a secure login, without ever needing to know or store what your password actually is.
2-way encryption generally provides a key that is used to encrypt data and then a private key used to decrypt this ciphertext and make it readable again. This type of encryption is commonly used for storing sensitive data that needs to remain accessible to authorised systems or to secure communications over non-secure channels.
Weaknesses of hash functions
Whilst hash functions are commonly used they’re far from flawless. A hash function is defined as “broken” if there is a demonstrated or theoretically proven weakness, at which point it starts becoming advisable to stop using the hash function.
One of the most common ways to break a hash function is by brute forcing the encryption type until you get a match. Brute force is an approach whereby a system iterates through every combination [targeted or not] of a string increasing in length until there is a match.
The way hash functions work, though, means that how susceptible they are to a brute force attack depends on the hash function used. This is the case because a single hash function can produce the same hash code from different strings. The reason this causes a problem can be explained by two simple examples.
The birthday problem illustrates the likelihood of people in a group sharing the same birthday. Since there are a finite number of days a person can have a birthday on (366 including February 29th), as the number of people increases the chance of 2 people sharing a birthday increases. The same issue occurs with hash functions. Since there’s only a finite number of hash codes a single hash function can output, there comes a point where 2 separate input strings will produce the same hash code. The nature of hash codes means they can’t be unique, otherwise it would become a 2-way encryption and could be reversed through decryption.
This is known as a collision and it’s the probability of this occurring that determines how strong a hash function is.
In fact the birthday problem elaborates on the issue nicely since it has such a small number of possibilities and illustrates that it only takes 57 people for there to be a 99% chance of 2 people sharing the same birthday. It only takes 27 people for the chance of 2 people sharing a birthday to be 50%; from that point on (adding more people to the group) it becomes more likely for 2 people in the group to share a birthday than not.
The pigeonhole principle is basically the point where the number of items becomes higher than the number of possibilities for that item.
The actual example here is: say you have 8 holes but 9 pigeons. The 9th pigeon has to share a hole with another pigeon, guaranteeing that 2 pigeons will be sharing a hole. In the birthday problem this principle becomes true when there are 367 people in a group. That 367th person guarantees that 2 people share the same birthday.
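Both ideas applied to a hash function, as an added example that is not part of the original article: SHA-256 is cut down to a few bits to stand in for a small hash function, and constructed inputs are hashed until two different ones share a hash code. The truncation, the input names and the function names are assumptions made for the illustration.

```python
import hashlib
import math


def truncated_hash(data: bytes, bits: int) -> int:
    """Keep only the first `bits` bits of SHA-256 (a deliberately small hash)."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_collision(bits: int):
    """Hash constructed inputs until two different ones share a hash code.

    Returns (first_input, second_input, inputs_hashed).
    """
    seen = {}  # hash code -> input that produced it
    # Pigeonhole: with 2**bits possible codes, input number 2**bits + 1
    # is guaranteed to share a code with an earlier input.
    limit = 2 ** bits + 1
    for i in range(limit):
        candidate = f"constructed-input-{i}".encode()
        code = truncated_hash(candidate, bits)
        if code in seen:
            return seen[code], candidate, i + 1
        seen[code] = candidate
    raise AssertionError("unreachable: more inputs than hash codes")


def birthday_estimate(bits: int) -> float:
    """Number of inputs at which a collision becomes roughly 50% likely."""
    return math.sqrt(2 * math.log(2) * 2 ** bits)


if __name__ == "__main__":
    for bits in (16, 24):
        a, b, tries = find_collision(bits)
        print(f"{bits}-bit hash: {a!r} and {b!r} collide after {tries} inputs")
        print(f"  birthday estimate (50%): {birthday_estimate(bits):.0f}")
        print(f"  pigeonhole guarantee:    {2 ** bits + 1}")
```

The collision turns up near the birthday estimate, far earlier than the pigeonhole guarantee, which is why the size of a hash function's output matters so much.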
So why use encryption for passwords? Isn’t my password as plaintext more secure?
Since there’s only 1 input that would ever match a plaintext password, if your password is unique, long enough and random enough, then yes, technically a plaintext password might be more secure than some hashes. In reality though, let’s be honest, how many of your passwords are 64-128 characters long, and random? Most passwords will contain English or something meaningful to the user.
It also means that your password must be stored in a manner that’s accessible in some way (2-way encryption or plaintext). This means that if someone has access to that data, they may have access to your password. To further this, if your password became known, then it might even compromise your login on other sites.
Whilst it’s always discouraged, how many people out there can honestly say that their password is unique to each website, let alone random enough? Let’s be honest, most of us do it; we’ll have a password, we’ll use it for many different sites, with at most slight variations between sites (a number on the end, etc…).
There’s only so many passwords one person can remember; unless you write them all down – in which case I suggest writing them down physically rather than on a computer that’s accessible to the web. Most stolen passwords are accessed digitally rather than by breaking in to your house and stealing a piece of paper. Obviously I’m in no way recommending you do this (writing down passwords or committing crime).
What makes a hash function stronger?
This boils down to a few things, but is primarily described by collision resistance. Collision resistance, as the name suggests, is how resistant a hash function is to collisions, i.e. how unlikely it is that 2 inputs will result in the same hash code.
So are my passwords safe?
With the right hash function as used in our CMS and ecommerce platform, your actual password is completely fine, since the result is one way. However, it’s always only ever a matter of time before that hash function becomes “broken”.
To back this up there are always other systems in place on top of this to prevent things like brute force attacks and other hacking attempts.