pull down to refresh

US Grade 8? I would likely describe it with how websites or a computer would store their passwords safely, since by that age a lot of them will (sadly) have been on computers a hell of a lot and know the importance of a password. If I am assuming it's the USA school system then I am not sure on the level of tech knowledge schools would teach however.
I had the fortunate opportunity to teach 13-16 year olds about a cryptography challenge during an event, this is a brief rundown of what I did.
I described this mostly as:
"Hashing is a method to store strings of data confidentially and/or prove the correctness of data (integrity). This process involves a (cryptographic) technique where an input (such as a text, picture, or file) is turned into output of a jumbled up string of random text (called the hash). Hashing techniques can be different to others, and different techniques are called 'algorithms'.
Hashes have a fixed length, meaning if the algorithm specifies to output a 32 character string, any input that is hashed with that algorithm will output a 32 character string.
To note:
  1. The hash will always be the same if the input is the same. It is a transformation of the original information and doesn't change or randomize it every time you do it. The only time a hash changes if the input is the same is if they are using a different algorithm.
  2. It is not possible to know what the hash means without knowing what the input value of that hash is. (Yes yes, rainbow tables etc but it doesn't need to be mentioned that much)
  3. Hashing will always produce a different output providing the input is different. No two hashes are the same.
In a real world example, Hashing is used to store your password safely. Have you ever used POPULAR_WEBSITE? Now lets say you are registering an account on POPULAR_WEBSITE and you type in your password you want to use...
(A presentation or diagram would be good here)
When you enter that password, that website then hashes it, and saves the hash with your account on a list where everyone's accounts are stored. (If they know databases it would be better to explain that)
When you ever want to sign into that account, you type in your password and the website will hash what you placed in the password box, and check if the hash of the password is the same as the hash of what you typed in. If it matches, it signs you in, and if it doesnt it will tell you the password is wrong. This is how websites know you typed the wrong password, even if they don't know your password.
Hashing provides confidentiality and integrity by:
  • Being able to store your password without the person storing it knowing what your password actually is.
  • Being able to tell between a correct and incorrect one by the hashes generated from both values."
(If they were understanding by this point, you could explain something like collisions or something like weak/well known hash digests like 'password123' to SHA or whatever, personally I'd avoid this for younger kids though.)
I'd then demonstrate a tool like CyberChef on their computer or your own, which can show them how hashing works in the real world.