6 exercises — collision/preimage resistance, SHA-256 vs MD5, salting, password hashing (bcrypt, scrypt, Argon2), and HMAC.
0 / 6 completed
1 / 6
What is the correct definition of "collision resistance" for a cryptographic hash function?
Collision resistance is one of three core security properties of a cryptographic hash function:
• Collision resistance: computationally infeasible to find any two inputs x ≠ y where hash(x) = hash(y) • Preimage resistance: given a hash output h, computationally infeasible to find ANY input x such that hash(x) = h (this protects against reversing a hash back to its input) • Second preimage resistance: given a specific input x, computationally infeasible to find a DIFFERENT input y such that hash(x) = hash(y) — a stronger, more targeted version of collision resistance
Collisions must exist mathematically (infinite possible inputs, finite possible outputs), but a secure hash function makes finding one require an infeasible amount of computation. MD5 and SHA-1 are considered "broken" precisely because practical collision attacks were found against them.
2 / 6
Why is MD5 considered deprecated / unsafe for security purposes today?
MD5 (and, later, SHA-1) were broken by practical collision attacks — meaning an attacker could deliberately craft two different files/certificates/messages that hash to the identical value. This defeats the entire purpose of using a hash for integrity or signature verification, because an attacker could substitute a malicious file for a legitimate one without changing the hash.
Current recommendations: • SHA-256 / SHA-512 (SHA-2 family): the current widely-deployed standard, no practical collision attacks known • SHA-3: a newer standard with a different internal design (Keccak), providing an alternative if a weakness is ever found in SHA-2 • BLAKE3: a modern, extremely fast hash function gaining adoption for non-legacy use cases
MD5 and SHA-1 may still appear in non-security contexts (e.g. checksums for accidental corruption detection, git's historical use of SHA-1 for object addressing) but should never be used where an adversary might deliberately try to forge a match.
3 / 6
Complete the description: "SHA-256 produces a 256-bit digest regardless of input size. A single bit change in the input produces a completely different digest — this property is called the ___."
The avalanche effect is what makes hash outputs look completely uncorrelated even for near-identical inputs — changing a single bit of input should flip roughly half the output bits, unpredictably.
Related vocabulary: • Digest: the fixed-size output of a hash function (also called a "hash value" or "hash") • Fixed output size: regardless of whether you hash one byte or one gigabyte, SHA-256 always produces exactly 256 bits (32 bytes) of output • Deterministic: the same input always produces the same output, every time
The avalanche effect is why hashes are useful for integrity checks: even a one-character change to a file (or a single flipped bit from corruption) produces a visibly different digest, making tampering or corruption detectable.
4 / 6
What is a "salt" in the context of password hashing, and what problem does it solve?
A salt is a unique random value added to a password before hashing, specifically to defeat precomputation attacks.
Without a salt: an attacker can precompute a huge lookup table (a "rainbow table") mapping common passwords to their hash values once, then instantly reverse-lookup any leaked hash — and if two users share a password, they'll have identical hashes, revealing the pattern.
With a salt: each password gets combined with a per-user random salt before hashing, so hash(salt + password) is unique per user even for identical passwords — a rainbow table would need to be recomputed separately for every possible salt, making the attack impractical.
Important: a salt is NOT secret — it's typically stored alongside the hash in plaintext. Its job is to guarantee uniqueness, not to add secrecy (that's what a "pepper," a separate application-wide secret, is sometimes used for).
5 / 6
Why are bcrypt, scrypt, and Argon2 used specifically for password hashing instead of plain SHA-256?
General-purpose hash functions like SHA-256 are optimised for speed — great for checksums and digital signatures, but that same speed is a liability for password storage, because it lets attackers try billions of guesses per second on modern GPUs.
Password hashing algorithms (bcrypt, scrypt, Argon2) are deliberately slow and configurable: • Work factor / cost parameter: a tunable setting (e.g. bcrypt's "rounds," Argon2's "iterations/memory/parallelism") that controls how much CPU time and/or memory is required per hash — increased over time as hardware gets faster • Memory-hardness (scrypt, Argon2): deliberately requires significant RAM per hash attempt, which makes cheap, massively parallel GPU/ASIC cracking far less effective than with CPU-time-only algorithms • Built-in salting: these algorithms handle salt generation and storage automatically as part of their standard output format
Argon2 (specifically Argon2id) is the current OWASP-recommended default for new applications.
6 / 6
What does HMAC provide that a plain hash function alone does not?
A plain hash (e.g. SHA256(message)) only proves integrity — that the message hasn't changed since the hash was computed — but ANYONE can compute a hash, including an attacker who modifies the message and recalculates a new matching hash. It provides no proof of who created it.
HMAC adds a signing key into the computation: HMAC(key, message). Only someone who knows the secret key can produce a valid HMAC for a given message, so verifying the HMAC proves BOTH: • Integrity: the message content hasn't been tampered with • Authenticity: the message was created by someone possessing the shared secret key
Common uses: API request signing (e.g. AWS Signature V4, webhook payload signatures like Stripe's Stripe-Signature header), and as a building block inside TLS's record-layer integrity checks.
What does the "Hashing Vocabulary — Cryptography & PKI Exercises" exercise cover?
Practise hash function vocabulary: collision resistance, preimage resistance, avalanche effect, salting, password hashing algorithms (bcrypt, Argon2), and HMAC. Intermediate exercises.
Is this exercise free to use?
Yes. Every exercise on CoderSlingo, including this one, is free to use with no account, sign-up, or paywall.
How many questions are in "Hashing Vocabulary — Cryptography & PKI Exercises"?
This exercise has 6 questions. Each one gives instant feedback with an explanation, so you can see exactly why an answer is right or wrong.
Do I need to create an account to save my progress?
No account is required. The progress bar and score are tracked in your browser for the current session -- the exercise is designed to be a quick, repeatable drill rather than something you resume later.
What happens if I get an answer wrong?
You'll see the correct answer highlighted immediately, along with a short explanation of why it's correct. Wrong answers aren't penalized beyond your score, and you can keep going through every question.
How is this exercise different from reading an article?
Articles explain vocabulary and concepts through prose, while exercises like this one are interactive drills -- multiple-choice questions -- that test and reinforce your recall of specific terms and phrasing.
Can I retry this exercise?
Yes -- use the "Try again" button on the results screen to reset your score and go through all the questions again from the start.
Where can I find more Cryptography & PKI exercises?
Browse the full Cryptography & PKI hub for related drills, or check the site-wide exercises index for other IT English topics.
Is this exercise suitable for beginners?
This exercise assumes basic familiarity with IT terminology. If a term feels unfamiliar, check the site Glossary for a plain-English definition before attempting the questions.
How often is new content like this published?
New exercises are added regularly across all categories, alongside new vocabulary sets and articles. Check back on the exercises hub to see what's new.