Asymmetric Key Algorithms

Previously you learned about asymmetric key algorithms and you should understand that asymmetric encryption requires two keys: public and private. As a review, using the flashcards define asymmetric key encryption, public key, private key, and digital certificate. Then read the section on asymmetric encryption.

Hashing is the use of a hash function to create a message digest or checksum. The message digest or checksum created is used in order to validate the integrity of a message or file upon delivery. A hash function is a mathematical algorithm that performs one way operations on the data. This means that once a message or file has been put through a hashing algorithm there is no way to discover the original data with just the message digest or checksum

A hash value is a number generated from a string of characters. The hash is substantially smaller than the text itself, and is generated by an algorithm. It is extremely unlikely that some other text will produce the same hash value. The use of hashes plays a role in security systems to ensure that transmitted messages have not been modified or tampered with. Normally the sending system or user generates a hash of the message, then encrypts the message and sends it with the message itself. The receiving system must decrypt both the message and the hash. The hash is extracted from the received message, and the two hashes are compared. If the hash message digest is the same, the receiver can be confident that the message was transmitted intact.


Figure 3 – The hashing process

Hashing Example

Hash-based message authentication code (HMAC) is a system/process for calculating message authentication codes using a cryptographic hash function coupled with a secret key. HMAC can be used to verify both the integrity and authenticity of a message. What makes HMAC more secure than Message Authentication Code (MAC) is that the key and the message are hashed in separate steps. The video, 5 – 1 – Message Authentication Codes-Cryptography (15:15), discusses the concept of providing message integrity through implementing message authentication codes.

Hashing Vulnerabilities

There are two major vulnerabilities that occur with hashing. Collision is when two different items have matching checksums after a hash function is used. SHA is a popular algorithm chosen due to the fact that it is less likely to produce collisions. The other vulnerability occurs when hashing comes from the use of rainbow tables. Rainbow tables are precompiled tables that contain hash values matched to plaintext. The most common use of rainbow tables is in cracking passwords. In order to prevent people from using rainbow tables to crack password, salt can be added to the password.