previous |
start |
next
Message Digests
The digital signature method of the previous slide creates an
encrypted message. It's often preferable to leave the message as
plaintext, but append a signature which verifies its integrity. A
message digest is a one-way hash function which
has the following characteristics:
- Given
P, it is easy to calculate
MD(P). MD(P) is much shorter than the message
itself.
- Given
MD(P), it is effectively impossible
to find P.
- No one can generate two messages that have the same
MD(P).
The Internet standard for message digests is the
MD5 algorithm, invented by Rivest. Software
implementations of this algorithm are widely available. MD5
produces a 128 bit (16 byte) message digest which can be appended
to the message. Message digests such as MD5 are often referred to
as cryptograhic checksums, because they reveal
whether the message has been altered.
Typical usage of message digests combines public key cryptography
with the message digest function. In this case, a sender first
computes an MD5 digest as above, then encrypts it using her
private key, and finally appends the encrypted
digest to the message. A recipient can read the message, and can be
confident that it originated from the sender.
previous |
start |
next