Dark Hash Collisions

Every business needs to protect their clients but businesses also can’t share client data – so what can they do? Businesses that handle client data need a way to find credentials that hackers already have without sharing any client information; this is where dark hash collisions come in. HackNotice allows businesses to review computational parts of data in question and cover any gaps in credential security.

Within a customer security environment, customers can take usernames for end-users, hash them (create a cryptographic one-way modification), and then take half of those hashes as a zero-knowledge way of identifying users. HackNotice brings in billions of credentials from leaks, extracts usernames, and builds the same hash by matching each customer’s half-hash to the customer’s full-hash. HackNotice identifies each hash and password pair that can be used to protect clients. HackNotice provides the half-hash pairs to customers, which customers can reverse. HackNotice then provides the half-hashes and password pairs to customers to turn into user pairs. These user credentials are then verified as working credentials and if they are matched, credentials should be reset.

VIEW GRAPHIC

User Data

HackNotice customers have millions of end-users signed up for their services. Every HackNotice customer wants to protect these users but can’t share sensitive data.

SHA-512

In order for customers to protect clients, customers will need to use hash algorithm SHA-512 to turn usernames into cryptographic hashes that can’t be reversed to further ensure client identities are protected. Customers cut these hashes in half to make it even more impossible to find the identities of clients.

Data Leak Lifecycle

HackNotice brings in tens of billions of credentials each year through our data leak collection. We then extract the usernames and passwords from that data. HackNotice then takes usernames and generates a SHA-512 hash for each username. Customers then share these half-hashes with HackNotice.

Finding Full Hashes

HackNotice is able to find full hashes that match with half-hashes. These full-hashes let us know which credentials our customers care about.

Alerts

HackNotice then generates half-hash and password pairs and then provides the pairs to customers. HackNotice has no idea who clients are but are still able to find sensitive passwords.

Identifying credentials

Finding working credentials – the client brings in the half-hashes and passwords from HackNotice. The client can then take half-hashes and find which usernames the hashes belong to once the client has usernames and passwords, it can safely identify the credentials that hackers have access to that are likely to work against end-users once our customer finds credentials, they can reset credentials.