Submitted by heartin on Thu, 11/14/2019 - 11:45
Following are some of the most important points related to digital certificates and hashing, for passing exams and for general understanding.
- Hashing is the process of converting a variable length input into a fixed length output.
- Hashing is a one-way only conversion. We should not be able to get back the original input from the hash function.
- Two inputs generating the same hash output is known as collision. An ideal hash function should avoid collision.
- Hashing is generally used to verify the integrity of a file or document in transmit. We generate hash of the message before transit and send it along with the message. Receiver generates the hash of the message again and compare it with the hash received after transmission.
- While asymmetric encryption is generally used to achieve confidentiality, message digest (hashing) is generally used to achieve integrity.
- Popular hashing algorithms include MD5, SHA-1, SHA-256, SHA-384, SHA-512, RIPEMD-160 etc. MD in MD5 stands for Message Digest. SHA stands for Secure Hash Algorithm.
- Hashed Message Authentication Code (HMAC) is a special hash value that includes a symmetric key. As a key is also needed to generate an HMAC, it verifies the data origin apart from integrity of data.
- TLS and IPSec protocols uses HMAC to verify the integrity of transmitted data.
- A digital signature is a special case of a message digest that is encrypted using a private key.
- As the private key is available only to the sender, a digital signature help us achieve non-repudiation (sender cannot deny sending message) apart from verifying integrity of data.
- In digital signatures, only the message digest (hash) is encrypted using private key and not the complete message.
- Digital signatures require two algorithms, one for hashing (MD5, SHA1 etc.) and one for generating a digital signature (RSA, Digital Signature Algorithm (DSA) etc.).
- heartin's blog
- Log in or register to post comments
Recent comments