Message digest is a cryptographic hash function containing a string of digits created by a one way hashing formula. And is a fixed size numeric representation of the contents of a message, computed by a hash function.
It protects the integrity of a piece of data or media to detecct changes and alterations to any part of a message.
**This term is also known as a hash value and sometimes as a checksum.
Message digests can be produced on UNIX systems with MD5 command, and are stored on systems and can reveal if any unauthorized user has accessed a file. But MD5 is unreliable with problems relating to collision and it is no longer used.
Besides MD5, SHA and CRC32 are other message digest algorithms.
Cryptography/Cipher:
Cryptography is the process of converting between readable text, called plain text, and an unreadable form called cipher text.
This occurs in the below phases:
Encryption/Encipherment: Sender Converting plaintext message to ciphertext.
Decryption/Decipherment: Receiver converts the ciphertext message back to its plaintext form.
There are two classes of algorithm:
1) Those that require both parties to use the same secret key. Algorithms that use a shared key are known as symmetirc algorithms
2) Those that use one key for encryption and a different key for decryption. One of these must be kept secret but the other can be public. Algorithms that use public and private key pairs are known as asymmetric algorithms.
Strength:
Asymmetric algorithms require large keys,
1024 bits Low-Strength asymmetric key
2048 bits Medium-Strength asymmetric key
4096 bits High-Strength asymmetric key
Symmetric keys are smaller, 256 bit keys gives strong encryption.
Block cipher algorithm:
These algorithms encrypt data by blocks. Example RC2 algorithm from RSA Data Security Inc. Uses block of 8 bytes long.
Stream cipher algorithm:
These algorithms operate on each byte of data. Stream algorithms are typically faster.
Digital Certificates:
Digital certificates protect against impersonation, certifying that public key belongs to a specified entity. They are issued by a certificate Authority.
Digital certificate binds a public key to its owner, whether that owner is an individual, a queue manager, or some other entity. Digital certificates are also known as public key certificates.
1) When the certificate is for an individual entity, the certificate is called a personal certificate or user certificate.
2) When the certificate is for a certificate authority, the certificate is called a CA certificate or signer certificate.
Public Key Infrastructure (PKI):
A PKI is a system of facilities, policies and services that supports the use of public key cryptography for authentication the parties involved in a transaction.
***
Credits:
https://www.techopedia.com/definition/4024/message-digest
https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_7.1.0/com.ibm.mq.doc/sy10490_.htm
***
No comments:
Post a Comment