A one-way hash function is a cryptographic algorithm that turns an arbitrary-length input into a fixed-length binary value, and this transformation is one-way, that is, given a hash value it is statistically infeasible to come up with a document that would hash to this value. Also it is virtually impossible to find two different documents that hash to the same value (such a pair of documents is referred to as a "collision".)

There are three widely used hash algorithms: MD5, SHA and SHA-256. MD5 produces a 128-bit hash, SHA a 160-bit hash, and SHA-256 a 256-bit hash.

Note: As of 2005, MD5 is no longer considered secure for digital signing purposes as it has been shown to lack collision resistance. However, it is still widely used in various security protocols and applications for key generation purposes.

MD5 and SHA are supported by all cryptographic providers, while SHA-256 is only supported by the Microsoft Enhanced RSA and AES Cryptographic Provider.

This chapter will describe two practical applications for one-way hash functions: secure password storage and file "fingerprinting".

With AspEncrypt, a hash function is computed in three steps:

1. Create a CryptoHash object.
2. Add a text string or file to it. This step may be repeated several times.
3. Retrieve the result in a desired format (Hex, Base64 or binary.)

The following code snippet computes the SHA hash value of the string "some text":

VBScript
Set CM = Server.CreateObject("Persits.CryptoManager") Set Context = CM.OpenContext("", True) Set Hash = Context.CreateHash Hash.AddText "some text" Response.Write Hash.Value.Hex

C#
ICryptoManager objCM = new CryptoManager(); ICryptoContext objContext = objCM.OpenContext( "", true, Missing.Value ); ICryptoHash objHash = objContext.CreateHash( Missing.Value ); objHash.AddText( "some text" ); Response.Write( objHash.Value.Hex );

The CreateHash method accepts an optional HashAlgorithm argument. It is calgSHA by default.

To calculate SHA-256, we need to pass the appropriate parameter (calgSHA256) to CreateHash, and also use OpenContextEx to connect to the Microsoft Enhanced RSA and AES Cryptographic Provider:

VBScript
... Set Context = CM.OpenContextEx( _ "Microsoft Enhanced RSA and AES Cryptographic Provider", "", True) Set Hash = Context.CreateHash( calgSHA256 ) ...

C#
... ICryptoContext objContext = objCM.OpenContextEx( "Microsoft Enhanced RSA and AES Cryptographic Provider", "", true, Missing.Value); ICryptoHash objHash = objContext.CreateHash( CryptoAlgorithms.calgSHA256 ); ...

The Hash.Value property returns a CryptoBlob object containing the computed hash value. This blob object can be queried using the Hex, Base64 or Binary properties as described in previous chapters.

Once the hash value is retrieved from the CryptoHash object, you can no longer call AddText on it until the object is reset by calling the Reset method. This way, multiple hash values can be calculated using the same CryptoHash object.

Since it is practically impossible to find two documents that would have the same hash value, a document's hash, often referred to as a "fingerprint", can be used to uniquely identify this document. If you are developing a document repository, such as a database of images, and want to prevent the same document to appear in your database twice, you can store the document's thumbprint together with the document itself. This way, every time a new document is to be added you can easily check whether it already exists in your database by computing the new file's hash value and looking for a match in your database.

To calculate the hash value of a file, the method AddFile of the CryptoHash object should be used. This method accepts the physical path to the file being hashed:

VBScript
Set CM = Server.CreateObject("Persits.CryptoManager") Set Context = CM.OpenContext( "", True ) Set Hash = Context.CreateHash Hash.AddFile "c:\path\file.ext" Value = Hash.Value.Hex

C#
ICryptoManager objCM = new CryptoManager(); ICryptoContext objContext = objCM.OpenContext( "", 1, Missing.Value ); ICryptoHash objHash = objContext.CreateHash( Missing.Value ); objHash.AddFile(@"c:\path\file.ext"); String strValue = objHash.Value.Hex;

The CryptoHash object can also be used to compute the hash value of a binary array via the method AddBinary.

3.5.1 What is HMAC?

The Message Authentication Code (MAC) function is essentially a hash function with two arguments instead of one: a secret key and an arbitrary-length message. The MAC protects both the message's data integrity and authenticity. For the MAC to work, all parties involved in the secure exchange of messages must share a secret key.

Conceptually, the MAC is simply a hash function applied to the secret key and message concatenated together, as follows (the "+" sign denotes concatenation):

MAC(Secret, Message) = Hash(Secret + Message)

The MAC is then sent alongside the message. The whole "envelope" is often encrypted.

Message MAC

The recipient of the MAC-equipped message concatenates his own copy of the secret key with the message and computes his own MAC. If the MAC values match, the message is authenticated and its data integrity is verified. A MAC is therefore similar to a digital signature but is based on the shared knowledge of a secret key instead of public-key cryptography.

In a real world, the simple formula shown above is not used as it is vulnerable to various cryptographic attacks. A more complicated formula, referred to as HMAC, is used instead. HMAC uses two nested invocations of the hash functions as well as two concatenations and two XOR operations, as follows:

HMAC(Secret, Message) = Hash((Secret ^ opad) + Hash((Secret ^ ipad) + Message))

The "^" symbol denotes a bitwise XOR operation, and opad and ipad are byte sequences 0x5c5c5c... and 0x363636... respectively.

The HMAC function is considered secure and resistant to most cryptographic attacks. It is heavily used in the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols, among other areas.

HMAC can be based on any hash algorithm such as MD5, SHA or SHA256. The HMAC functions based on MD5, SHA, etc. are often denoted as HMAC_MD5, HMAC_SHA, etc. The length of the HMAC output equals that of the underlying hash function (16 bytes for HMAC_MD5, 20 bytes for HMAC_SHA, etc.)

3.5.2 AspEncrypt's HMAC Support

Starting with Version 2.6, AspEncrypt is capable of computing the HMAC function via the CryptoContext method ComputeHmac. This method expects a hash algorithm such as calgMD5 or calgSHA as the first argument, and CryptoBlob objects containing the secret key and message as the 2nd and 3rd arguments, respectively. The method returns an instance of the CryptoBlob object populated with the HMAC value.

The following code snippet computes the HMAC_MD5 and HMAC_SHA functions of the secret "my secret key" and message "Hello World!!!". Note that HMAC_SHA256, HMAC_SHA384 and HMAC_SHA512 require the Microsoft Enhanced RSA and AES Cryptographic Provider.

VBScript

Set CM = Server.CreateObject("Persits.CryptoManager") Set Context = CM.OpenContext( "", True ) Set KeyBlob = CM.CreateBlob KeyBlob.Ansi = "my secret key" Set MessageBlob = CM.CreateBlob MessageBlob.Ansi = "Hello World!!!" Set Hmac_MD5 = Context.ComputeHmac( calgMD5, KeyBlob, MessageBlob ) Set Hmac_SHA = Context.ComputeHmac( calgSHA, KeyBlob, MessageBlob ) Response.Write Hmac_MD5.Hex & "<BR>" & Hmac_SHA.Hex

C#

ICryptoManager objCM = new CryptoManager(); ICryptoContext objContext = objCM.OpenContext( "", true, Missing.Value ); ICryptoBlob objKeyBlob = objCM.CreateBlob(); objKeyBlob.Ansi = "my secret key"; ICryptoBlob objMessageBlob = objCM.CreateBlob(); objMessageBlob.Ansi = "Hello World!!!"; ICryptoBlob objHmac_MD5 = objContext.ComputeHmac( CryptoAlgorithms.calgMD5, objKeyBlob, objMessageBlob ); ICryptoBlob objHmac_SHA = objContext.ComputeHmac( CryptoAlgorithms.calgSHA, objKeyBlob, objMessageBlob ); txtResult.Text = objHmac_MD5.Hex + "<BR>" + objHmac_SHA.Hex;

The expected result is:

1256FE2C118C633AC4B0E65C9A11C3C6
E0C1A89DB5CCB48A07FA728554E200F95C647D9B