WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search






Table Of Contents  CertiGuide to Security+
 9  Chapter 4:  Basics of Cryptography (Domain 4.0; 15%)
      9  4.1  Algorithms
           9  4.1.1  Hashing

Previous Topic/Section
4.1.1  Hashing
Previous Page
Pages in Current Topic/Section
1
Next Page
Ensuring Even Distribution of Hash Values
Next Topic/Section

Message Digest as a Message Fingerprint

Statistically speaking, it is possible for there to be multiple documents whose hashes are the same, since you are identifying a potentially large item (a document) by a smaller key value.

Fortunately, it is also unlikely that two documents with the same hash value both make sense – one is likely to be a series of random characters that just happens to result in the same hash value, or “sum”. It would be obvious to the user upon seeing the document, that something is wrong with it. It is considered computationally infeasible to modify the content of a message or program while retaining the same sum, and have the modified content be a reasonable replacement for the original, rather than obviously invalid gibberish. It’s not necessarily impossible to do this, but with most hashing algorithms, it would take a prohibitively large amount of time to find another plausible document with the same hash value. For some information on duplicate hash value related issues in MD5, see this informational page on MD5.389

Often, but not universally, the longer the hash value produced by the hashing algorithm (assuming it is a mathematically-good algorithm from a crypto standpoint), the less susceptible it is to this sort of attack. This is one of the reasons that the SHA-1 hashing algorithm is considered by some to be stronger than MD5. As we mentioned earlier, the SHA-1 algorithm produces a 160-bit message digest, while the MD5 algorithm’s message digest is only 128-bits. To account for increased computer processing speeds, even stronger versions of the SHA, which produce message digests of 256 or more bits, have recently been standardized.390 Another hashing algorithm you may encounter in your digital travels is RIPEMD-160, considered to be on a par with SHA-1.

Figure 38: There is not enough data in a hash to determine what the original data contained.

 


 __________________

389. http://home.pacbell.net/tpanero/crypto/md5.html

390. http://csrc.nist.gov/encryption/tkhash.html

Previous Topic/Section
4.1.1  Hashing
Previous Page
Pages in Current Topic/Section
1
Next Page
Ensuring Even Distribution of Hash Values
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.