- 04 Oct 2022
- 2 Minutes to read
Hashing FAQs, Tips, and Examples
- Updated on 04 Oct 2022
- 2 Minutes to read
What are hashing algorithms?
Hashing algorithms are functions that take text input and return a hash code, or message fingerprint, of that input. The resulting hash code is a fixed length and will vary widely with small variations in input.
Why are hashing algorithms used?
One of the primary features of hashing algorithms is that they are one-way functions which means that it is nearly impossible to determine the original input based only on the hash code. Hashing algorithms power the security behind applications like internet banking and they are what allows Jornaya to receive data in a way that protects consumer privacy.
What algorithms are compatible with Jornaya Activate?
MD5 and SHA-256 are two popular algorithms that Jornaya Activate supports. Many databases and programming languages have built-in functions that will hash database content for you.
- MD5 algorithm always produces 32-character strings
- SHA-256 algorithm always produces 64-character strings
If the hashed fields being sent to Jornaya are not 32 or 64 characters, please check that a supported hashing algorithm is being used.
How is hashing different from encryption?
Encryption turns data into a series of unreadable characters that aren't of a fixed length. The key difference between encryption and hashing is that encrypted strings can be reversed back into their original decrypted form if you have the right key.
- Upper and lower case values produce different hash values
- Solution: Use lower case values for Jornaya Activate
- Leading/trailing white spaces will modify the hash values
- Solution: Strip leading/trailing white spaces out prior to hashing
- All characters impact the hash
- Strip out parentheses, hyphens, and/or periods from phone numbers
- NOTE: Periods and "@" symbolsfor email addresses should remain
Below are example hashes that can be used to confirm the hashing logic is returning the expected outputs.
Example 1: MySQL to hash a single email address
SELECT SHA2('[email protected]', 256) as email01;
Example 2: MySQL to hash a single email address with trailing whitespace
SELECT SHA2('[email protected] ', 256) as email02;
Note: The resulting hash completely changes by adding a single space at the end of the email address, before applying the hashing algorithm.
Example 3: MySQL to hash a 10-digit phone number
SELECT SHA2('6105551212', 256) as phone01;
Example 4: MySQL to hash a 10-digit phone number with hyphens
SELECT SHA2('610-555-1212', 256) as phone02;
Note: The resulting hash completely changes by including hyphens within the phone number, before applying the hashing algorithm.
Example 5: Microsoft SQL Server to hash a signal email address
SELECT ISNULL( CONVERT(varchar(255), HASHBYTES('SHA2_256', '[email protected]'), 2), '' ) AS email01;
- HASHBYTES('SHA2_256', '[email protected]') produces the hash value in binary.
- CONVERT(varchar(255), HASHBYTES('SHA2_256', '[email protected]'), 2) converts
the binary output to a varchar.
- ISNULL(CONVERT(varchar(255), HASHBYTES('SHA2_256', '[email protected]'), 2), '')
the hash value if available or an empty string.
Example 6: SAS to hash a single email address
proc sql; CREATE table temp_table AS SELECT sha256 (strip('[email protected]')) as email01 format $hex64. length=64 FROM &source_table; quit;
- Create a temporary table 'temp_table' to store the result of the SQL query.
- The source of the consumer's PII is source_table
- strip('[email protected]') strips all whitespace from the input
- sha256 (strip('[email protected]')) as email01 format $hex64. length=64 hashes the
input, converting the default binary as a 64-character long hexadecimal string.