# Python Hashing: From Basics to Advanced 🔐

## Table of Contents
1. [1. Basic Hashing Concepts](#1-basic-hashing-concepts)  
2. [2. Dictionary and Hash Tables](#2-dictionary-and-hash-tables)  
3. [3. Advanced Hashing with hashlib](#3-advanced-hashing-with-hashlib)  
4. [4. Hash Collisions](#4-hash-collisions)  
5. [5. Practice Projects](#5-practice-projects)

## 1. Basic Hashing Concepts

Hashing transforms input data into a fixed-size string of characters. Think of it like a fingerprint - each input gets a unique identifier.

Key features:
- One-way process (can't reverse it)
- Same input = Same hash
- Different inputs (usually) = Different hashes
- Fixed output length

In [None]:
# Basic hashing examples
print("Hashing integers:")
print(f"hash(10) = {hash(10)}")

print("\nHashing strings:")
print(f"hash('Hello') = {hash('Hello')}")

print("\nHashing tuples:")
print(f"hash((1, 2, 'Python')) = {hash((1, 2, 'Python'))}")

# Try hashing a list (will raise TypeError)
try:
    hash([1, 2, 3])
except TypeError as e:
    print(f"\nError hashing list: {e}")

## 2. Dictionary and Hash Tables

Dictionaries use hashing internally for fast lookups. Only immutable objects can be dictionary keys.

In [None]:
# Dictionary example
fruit_prices = {
    'apple': 1.2,  # 'apple' is hashed to find storage location
    'orange': 0.8,
    'pear': 1.5
}

print(f"Apple price: ${fruit_prices['apple']}")

# Using tuples as keys (because they're immutable)
coordinates = {
    (0, 0): 'Origin',
    (1, 0): 'Right',
    (0, 1): 'Up'
}

print(f"Point (0,0) is: {coordinates[(0, 0)]}")

## 3. Advanced Hashing with hashlib

### Common Hash Functions in hashlib:
•	**md5**: Fast but insecure (avoid using for security-critical tasks). \
•	**sha1**: Better but considered weak for security.\
•	**sha256** and **sha512**: Secure and widely used.\
• **sha3_256** and **sha3_512** (Part of the SHA-3 family, modern and secure)\
•	**blake2b**: Very fast, secure alternative.

In [10]:
import hashlib

# Input text
text = "Hello, World!"

# MD5 (Not secure for passwords!)
md5_hash = hashlib.md5(text.encode()).hexdigest()
print(f"MD5:        {md5_hash}")

# SHA-1 (Considered weak)
sha1_hash = hashlib.sha1(text.encode()).hexdigest()
print(f"SHA-1:      {sha1_hash}")

# SHA-256 (Secure and widely used)
sha256_hash = hashlib.sha256(text.encode()).hexdigest()
print(f"SHA-256:    {sha256_hash}")

# SHA-512 (More secure than SHA-256, produces a longer hash)
sha512_hash = hashlib.sha512(text.encode()).hexdigest()
print(f"SHA-512:    {sha512_hash}")

# SHA3-256 (Part of the SHA-3 family, modern and secure)
sha3_256_hash = hashlib.sha3_256(text.encode()).hexdigest()
print(f"SHA3-256:   {sha3_256_hash}")

# SHA3-512 (Part of the SHA-3 family, produces longer hashes)
sha3_512_hash = hashlib.sha3_512(text.encode()).hexdigest()
print(f"SHA3-512:   {sha3_512_hash}")

# BLAKE2b (Fast, secure, and modern alternative)
blake2b_hash = hashlib.blake2b(text.encode()).hexdigest()
print(f"BLAKE2b:    {blake2b_hash}")

## 4. Hash Collisions

A hash collision occurs when two different inputs produce the same hash value. Modern cryptographic hash functions like sha256 are designed to minimize this risk.

### 4.1 Collisions examples

In [1]:
import hashlib

# Two different inputs with the same MD5 hash (known example)
input1 = "d131dd02c5e6eec4"
input2 = "d131dd02c5e6eec5"

hash1 = hashlib.md5(input1.encode()).hexdigest()
hash2 = hashlib.md5(input2.encode()).hexdigest()

print(hash1)  # Output: 764796a22b1e6a42c41f354e0e1ecf70
print(hash2)  # Output: 764796a22b1e6a42c41f354e0e1ecf70 (Collision!)

### 4.2 How to Handle Collisions:

Storing raw passwords is risky. If the database is compromised, attackers could steal the passwords. Instead, store hashed passwords.


1. Use a stronger hash function:
	•	Switch from md5 or sha1 to sha256 or sha3.

2.	Salt the input:
	•	Add randomness to your hash input to prevent identical hashes(even if two users have the same password)

3. Use Other libraries:
 • Argon2: is a modern and secure password hashing function (**Best Bractice**) \
 • HMAC (Hash-based Message Authentication Code): adds a key to the hashing process for extra security

	Note: Use ```pip install argon2-cffi``` to install Argon2


In [9]:
import hashlib
import os

password = "password123"

### Hash without salt
hash1 = hashlib.sha256(password.encode()).hexdigest()
hash2 = hashlib.sha256(password.encode()).hexdigest()
print("Hash without Salting",hash1 == hash2)  # Output: True (Hashes are identical and predictable!)

### Hash with salt
salt1 = os.urandom(16)
salt2 = os.urandom(16)
hash1 = hashlib.sha256(salt1 + password.encode()).hexdigest()
hash2 = hashlib.sha256(salt2 + password.encode()).hexdigest()
print("Salting :",hash1 == hash2)  # Output: False (Unique hashes due to different salts)

### Generating an HMAC
import hmac
key = b'secret_key'
message = b"hello world"
hmac_object = hmac.new(key, message, hashlib.sha256)
print("Hmac ",hmac_object.hexdigest())  # Output: HMAC value

### Argon2 Hashing
from argon2 import PasswordHasher
ph = PasswordHasher()

# Hash a password
hashed_password = ph.hash("securepassword123")
print("Argon2:", hashed_password)
# Verify the password
try:
    ph.verify(hashed_password, "securepassword123")
    print("Password verified!")
except:
    print("Invalid password!")

### 4.3 Security Applications 

In [3]:
import hashlib
import os

def hash_password(password):
    """Secure password hashing with salt"""
    # Generate random salt
    salt = os.urandom(16)
    # Hash password with salt
    hash_obj = hashlib.pbkdf2_hmac(
        'sha256',
        password.encode(),
        salt,
        100000  # Number of iterations
    )
    return salt, hash_obj

def verify_password(stored_salt, stored_hash, password):
    """Verify a password against stored hash"""
    hash_obj = hashlib.pbkdf2_hmac(
        'sha256',
        password.encode(),
        stored_salt,
        100000
    )
    return stored_hash == hash_obj

# Example usage
password = "MySecurePassword123"
salt, hash_value = hash_password(password)
print(f"Original Password: {password}")
print(f"Salt (hex): {salt.hex()}")
print(f"Hash (hex): {hash_value.hex()}")

# Verify password
is_valid = verify_password(salt, hash_value, password)
print(f"\nPassword verification: {'✅ Success' if is_valid else '❌ Failed'}")

## 5. Practice Projects

### 5.1 File Integrity Checker

In [None]:
def calculate_file_hash(filename):
    """Calculate SHA-256 hash of a file"""
    sha256 = hashlib.sha256()
    with open(filename, 'rb') as f:
        for block in iter(lambda: f.read(4096), b''):
            sha256.update(block)
    return sha256.hexdigest()

# Example usage (create a test file first):
with open('test.txt', 'w') as f:
    f.write('Test content')

original_hash = calculate_file_hash('test.txt')
print(f"File hash: {original_hash}")

# Verify file hasn't changed
current_hash = calculate_file_hash('test.txt')
print(f"File integrity check: {'✅ Passed' if current_hash == original_hash else '❌ Failed'}")

### 5.2 Simple Password Manager

In [None]:
# Project 2: Simple Password Manager
class PasswordManager:
    def __init__(self):
        self.password_db = {}
    
    def add_password(self, username, password):
        """Store a new password"""
        salt, hash_value = hash_password(password)
        self.password_db[username] = (salt, hash_value)
    
    def verify_user(self, username, password):
        """Verify user's password"""
        if username not in self.password_db:
            return False
        salt, stored_hash = self.password_db[username]
        return verify_password(salt, stored_hash, password)

# Example usage
pm = PasswordManager()
pm.add_password('alice', 'SecurePass123')

# Test verification
print("Correct password:", pm.verify_user('alice', 'SecurePass123'))
print("Wrong password:", pm.verify_user('alice', 'WrongPass123'))

### 5.3 Simulating a Simple Blockchain

In [11]:
import hashlib

def create_block(data, prev_hash):
    block = {
        "data": data,
        "prev_hash": prev_hash,
        "hash": None
    }
    # Generate a hash for the block
    block_string = f"{block['data']}{block['prev_hash']}"
    block["hash"] = hashlib.sha256(block_string.encode()).hexdigest()
    return block

# Create a chain
genesis_block = create_block("Genesis Block", "0")
block2 = create_block("Block 2 Data", genesis_block["hash"])

print("Genesis Block:", genesis_block)
print("Block 2:", block2)
