About One-Way Hashes And Digital Signatures - Symantec 10551441 - AntiVirus Corporate Edition Reference Manual
Reference guide
Hide thumbs
Also See for 10551441 - AntiVirus Corporate Edition:
- Administrator's manual (216 pages) ,
- Installation manual (174 pages) ,
- Client manual (91 pages)
Table of Contents
Advertisement
Cryptography basics
31
About one-way hashes and digital signatures
About one-way hashes and digital signatures
A one-way hash is an algorithm that takes the contents of a variable-length
computer file (message) and produces a fixed-length value. This fixed-length
value has at least three names: hash, hash value, and message digest. If you
change one bit in the computer file and then rerun the hashing algorithm on the
file, the second value differs from the first value.
For example, suppose that you create an unencrypted file that contains the
name of a one-way hashing algorithm, generate a hash value for the file, and
send the file to a friend along with the hash value. Upon receipt, your friend
reads the file, notices the name of the hashing algorithm, uses this algorithm to
generate a hash value on the same file, and compares the values. If the values
match, your friend knows with certainty that the file contents have not been
altered or tampered with. If the values do not match, your friend knows that the
file contents have been altered and does not trust the information in the file.
If you want your friend to know with certainty that the unencrypted message
came from you, you encrypt the hash value by using your private key. Upon
receipt, your friend decrypts the hash value by using your public key. If
decryption is successful, your friend knows with certainty that the message
came from you because only you possess your private key. To verify the
integrity of the file, your friend then recalculates the hash value and compares it
to the value that you sent with the message.
A hash value that is encrypted with a private key is called a digital signature.
The digital part of the term implies 1s and 0s. The signature part of the term
implies the uniqueness of a fingerprint, and the identity of the person who
encrypted the hash value is known with certainty. The act of encrypting a hash
value with a private key is called signing.
These concepts form the foundation for understanding how SSL uses digital
certificates. Modern implementations of one-way hashing algorithms include
MD4, MD5, and SHA.
Advertisement
Table of Contents
