Sunday, March 1, 2015

How to hash Data/feed files for File transfers(sftp) using and Sqlsever 2014(Cryptography).

Microsoft .Net framework provided cryptography class object, These objects are usefully for encryption/decryption/hashing on sensitivity data files.(File transfers).

In the FTP world, Every organization transfer files to third party in a secure way using sftp protocols  with pgp /custom encryption  on data files.

Why Hash?

  • Hash plays a role in security systems where they're used to ensure that transmitted data files have not been tampered by hacker.
  • The sender generates a hash of the data file, encrypts it, and sends it with the Data file itself. 
  • The recipient then decrypts both the Data File and the hash, 
  • Recipient produces another hash from the received data file and compare sender hash and recipient generated hash
  • If they're the same, there is a very high probability that the message was transmitted intact.
For demo purpose I have created a console application in using System.Security.Cryptography class and  Tsql scripts in SQL Server 2014 
Algorithm SHA256



A text file is created under C:\Hari\hari.txt and added "I am a good boy" as text.
Process generated hash on hari.txt file 
-- hash value with original value text ("I am a good boy")



next I opened  file C:\Hari\hari.txt and modified text inside "I am good boy, I am from Jamaica".
process generated hash on hari.txt file
-- hash value is changed when i modified a text file.


when I compare both hash values, They did not match and possible tamper in the file.

the following code will give you an idea, How to generate hash.

Please find C# demo code here

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.IO;

namespace ConsoleApplication1
    class Program
        static void Main(string[] args)
            //hash some test file
            string path = @"C:\hari\hari.txt";

            string checksumMd5 = GetChecksum(path, Algorithms.MD5);
            string checksumSha1 = GetChecksum(path, Algorithms.SHA1);
            string checksumSha256 = GetChecksum(path, Algorithms.SHA256);
            string checksumSha384 = GetChecksum(path, Algorithms.SHA384);
            string checksumSha512 = GetChecksum(path, Algorithms.SHA512);
            string checksumRipemd160 = GetChecksum(path, Algorithms.RIPEMD160);
            //print buffer value.
            //wait for userinput

        //  create algorithm class
        public static class Algorithms
            public static readonly HashAlgorithm MD5 = new MD5CryptoServiceProvider();
            public static readonly HashAlgorithm SHA1 = new SHA1Managed();
            public static readonly HashAlgorithm SHA256 = new SHA256Managed();
            public static readonly HashAlgorithm SHA384 = new SHA384Managed();
            public static readonly HashAlgorithm SHA512 = new SHA512Managed();
            public static readonly HashAlgorithm RIPEMD160 = new RIPEMD160Managed();

      // hashing file by reading data in the file using stream readers
        public static string GetChecksum(string filePath, HashAlgorithm algorithm)
            using (var stream = new BufferedStream(File.OpenRead(filePath), 100000))
                byte[] hash = algorithm.ComputeHash(stream);
                return BitConverter.ToString(hash).Replace("-", String.Empty);


T sql script in Sql sever 2014.

I used Binary_check sum and Hash functions.

No comments:

Post a Comment