Message Digests - basic building blocks
A message digest is a 16-, 20-, 32-byte 'fingerprint' of a message.
Message digests are central to digital signatures.
When a message is signed, its contents are first hashed to give a
message digest.
The digest is then encrypted with the sender's secret key,
giving a proof of the sender's identity.
A good digest must have the properties:
- An absence of collisions.
Unlike simpler file checksums, which quickly demonstrate file or
data integrity,
it must be hard to find two messages with the same digest.
- Must not be invertible.
Digests are deterministic many-to-one functions.
- A uniform distribution of results.
A change in just one input bit should affect at least half the output bits.
Simple changes to even a single byte (even a single bit)
should result in dramatic changes to the digest:
- The winner is Sydney
2f8eff80630eb401b0038d8df420719b
- The winner is Sydey
f2b91cf6f8ad805a127182e8a46d450f
Some popular message digests:
- MD2 and MD5: developed by RSA, producing 16-byte hashes.
Research in 1994 found weaknesses in collision frequencies.
- RIPEMD-160: The European standard
producing 20-byte hashes.
- SHA-1, SHA-2 and SHA-256 are specified by the US government
for their DSA, outputting 20-byte hashes.
From 2004:
MD5 To Be Considered Harmful Someday.
CITS3002 Computer Networks, Lecture 12, Cryptography's role in networking, p17, 22nd May 2024.
|
CITS3002