Cryptography Reference
In-Depth Information
FIGURE 16.8
Uses of Message Digests
Digests are most commonly used for two purposes:
1.
Ensuring data integrity. This refers to methods that the recipient of data can use to deter-
mine whether or not this data has been modified. It is sometimes possible for an adver-
sary, even without knowledge of keys, to modify a message in such a way so that it
appears valid to the recipient.
2.
Providing authentication of the origin of data. This means that the recipient can ascer-
tain whether or not a message is from the entity that claims to have sent it. Signing mes-
sages in the manner described earlier can do this.
When you think about it, each of these two objectives is necessary for the other. To argue
this, consider a message of which origin you cannot be sure; then knowing whether or not
it has been modified is not useful information. On the other hand, if you cannot be sure
whether or not a message has been modified, then knowing its true origin does not help. Thus,
a digest must always be used to provide assurances of both the integrity and the authentic
origin of data.
Here are some examples of how a digest can be used to do this.
Transmission of a Digest by Secure Means
The sender of a message computes
a digest for the plaintext message. The message is sent (probably encrypted, but perhaps not
Search WWH ::
Custom Search