# Hash Functions

Merkle Damgard Construction \(MD5, SHA1, SHA2\)

![](https://cocalc.com/blobs/paste-0.5501842864172685?uuid=827c3cdf-dc4b-47fe-9671-c739d148d86c)



In [46]:
import hashlib
import base64
m = b'cryptography'
print('MD5', hashlib.md5(m).hexdigest())
print('SHA1', hashlib.sha1(m).hexdigest())
print('SHA2', hashlib.sha512(m).hexdigest())
print('SHA3', hashlib.sha3_512(m).hexdigest())

MD5 e0d00b9f337d357c6faa2f8ceae4a60d
SHA1 48c910b6614c4a0aa5851aa78571dd1e3c3a66ba
SHA2 cd700ec1a9830c273b5c4f0de34829a0a427294e41c3dfc243591a3caf68927ab84be7a91cd16e34275f66b7cd76a53c4bb117215a4b18074303197e6594347b
SHA3 d95d0ba1e24a97716ba736a33a545bb93515a1b95ebf0d120807ee628bfdeb548926eb23a3d74b9e62e8c1770d1441e79136bea681c5e4306cfeec4fd43d436b


In [47]:
from hashlib import sha1


def generate_hash(name):
    return sha1(name.encode()).hexdigest()



def test():
    name = input('Enter your name: ')
    print('The hashed value of your name is = ', generate_hash(name))

test()

The hashed value of your name is =  da39a3ee5e6b4b0d3255bfef95601890afd80709


Now, check the output with the output from the following website: [https://passwordsgenerator.net/sha1\-hash\-generator/](https://passwordsgenerator.net/sha1-hash-generator/) 


### Password Hashing



In [48]:
from hashlib import sha1

def hash_password(password):
    return sha1(password.encode()).hexdigest()

def check_password(stored_hashed_password, plain_password):
    # Your validity check here
    hashed_password = generate_hash(plain_password)
    password_validity = stored_hashed_password == hashed_password
    return password_validity

def test(entered_password):
    hashed_password="d20a09545c7aff14a4f596ddba19296d58f6c101"
    valid_pass = check_password(hashed_password, entered_password)
    if valid_pass:
        print('[x] the entered password ({0}) is a valid password'.format(entered_password))
    else:
        print('[x] the entered password ({0}) is NOT a valid password'.format(entered_password))

test('wrong password')
test('secret password')


[x] the entered password (wrong password) is NOT a valid password
[x] the entered password (secret password) is a valid password


### Salted Hash



In [49]:
import uuid
from hashlib import sha1

def hash_salted_password(password):
    salt = uuid.uuid4().hex # generate a random unique ID as a 'salt' value
    result = generate_hash(password) + "," + salt
    return result


def generate_salted_password(plain_password):
    print('[x] The plain password : ', plain_password)
    hashed_password = hash_salted_password(plain_password)
    print('[x] Stored in the db : ', hashed_password)
    return hashed_password

hashed_password = generate_salted_password('secret password')

[x] The plain password :  secret password
[x] Stored in the db :  d20a09545c7aff14a4f596ddba19296d58f6c101,fe823309d11f4a8397c81d7681b1e770


Continue the above code for validity check


In [50]:
def check_salted_password(stored_hashed_password:str, plain_password: str):
    [hashed_password, *_] = generate_salted_password(plain_password).split(",")
    [stored_hashed, *_] = stored_hashed_password.split(",") 
    password_validity = hashed_password == stored_hashed 
    # Your code here
    # Note that the stored hashed password also concatendated with the salt value as well.
    return password_validity

password = 'secret key'
hashed_password = generate_salted_password(password)

# entered_password = input('Enter the password: ')
check_salted_password(hashed_password, 'secret key')

[x] The plain password :  secret key
[x] Stored in the db :  1a421e4919b1674defaf1ea063893fe198fe5dd8,0343467023594523be24e31eb0d70dab
[x] The plain password :  secret key
[x] Stored in the db :  1a421e4919b1674defaf1ea063893fe198fe5dd8,4a8d41881e1a488098f115bc387f95c7


True

**Exercise**

Find the first collision with the hash digest of integer input 10, \(similar hash for two different integer inputs\), such that the first four hexa digits of their MD5 hash digests are similar

use _bytearray\(n\)_ to get the hexa value of integer _n_


In [45]:
digits = 4
hashed_10 = hashlib.md5(b'10').hexdigest()[:digits]

i = -1
while True:
  i += 1
  if i == 10: 
    continue
  hash_i = hashlib.md5(str(i).encode()).hexdigest()
  if (hash_i[:digits] == hashed_10):
    print(i)
    break
  

22571


In [44]:
collision = hashlib.md5(str(i).encode()).hexdigest()
collision.startswith(hashed_10)
print(i)
# 22571


22571
