Page 431 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 431
Hash Functions
Later in this chapter, you’ll learn how cryptosystems implement digital
signatures to provide proof that a message originated from a particular
user of the cryptosystem and to ensure that the message was not
modified while in transit between the two parties. Before you can
completely understand that concept, we must first explain the concept
of hash functions. We will explore the basics of hash functions and
look at several common hash functions used in modern digital
signature algorithms.
Hash functions have a very simple purpose—they take a potentially
long message and generate a unique output value derived from the
content of the message. This value is commonly referred to as the
message digest. Message digests can be generated by the sender of a
message and transmitted to the recipient along with the full message
for two reasons.
First, the recipient can use the same hash function to recompute the
message digest from the full message. They can then compare the
computed message digest to the transmitted one to ensure that the
message sent by the originator is the same one received by the
recipient. If the message digests do not match, that means the message
was somehow modified while in transit. It is important to note that the
messages must be exactly identical for the digests to match. If the
messages have even a slight difference in spacing, punctuation, or
content, the message digest values will be completely different. It is
not possible to tell the degree of difference between two messages by
comparing the digests. Even a slight difference will generate totally
different digest values.
Second, the message digest can be used to implement a digital
signature algorithm. This concept is covered in “Digital Signatures”
later in this chapter.
The term message digest is used interchangeably with a
