We help to protect your own
Internet security is just like home security. You think about the risks and decide what you want to do about them. This site intention is to give you information about risks first of all and ways to meet them. Unfortunately, there is no way, yet, to get insurance against hackers taking over your PC (just like insurance against common burglary). You have to think about the risks and decide what to do yourself.

We can help you with training, installations and configuration of security products.

SOHO Data Defence

Your risks
• Identity theft 
• Computer hijacking 
• Protection against Computer hijacking 
• Risks for business 
• Business and Privacy 
Articles
• My reviews 
• Week of the Worms 
• Encryption overview 
• Slammer Virus 
Company
• Mission statement 
• Capability Statement 
• Services 
• Contact us 
IT Security Forum
Security Links
• Security Product Reviews
• Advisories
• Standards
• Encryption and Cryptography
• Wireless

<- Prev Beginning

5. Hashing algorithms

Other set of algorithms used in encryption is hashing algorithms. Hashing algorithm takes clear text (for example you password) and creates almost unique digest (another name is hash value) .

Hashing algorithms are specifically designed on such way that it is practically impossible to recover clear text from its digest. Or in plain words words: hashing is a one-way transformation of clear text.


Figure 4

Hash algorithms is used to validate the integrity of the message. For example, clear text is a financial transaction. Digest of transaction would be calculated by sender and receiver independently and then compared, using telephone call, to verify that transaction has not been tempered with on the way from sender to receiver.

6. Digital signatures

Digital signatures are used to protect authenticity and integrity of the message. It means that Digital signature makes it possible to verify who created signed document and even that this document is exactly as it was when signed. The author only can digitally sign but all intended recipients can verify both origin and integrity of signed document.

Digital signature uses a hash algorithm to create digest and then it uses encryption algorithm to encrypt hash with with the encryption key

Figure 5

Verification of Digital signature consists of three steps (see Figure 6). First digital signature gets decrypted and digest of the original message recovered, than digest of received message is calculated. Than two digests compared. Difference in digests means that message is not the same that was sent.


Figure 6

Some digital signatures are based on symmetric encryption algorithms and others based on asymmetric algorithms. As you can see from the diagram everyone who suppose to be able to verify signature has to have the decryption key. It means that symmetric encryption base digital signature has a weakness. Anyone who can verify signature can also generate one and not only the author. Oops! So while integrity of signed document is ensured origin could be anyone who can verify signature. Asymmetric encryption eliminate this weakness. Encryption key would be known for author only and decryption key would be distributed for intended audience.

<- Prev Beginning
Site news:
  • Site is back and will be updated regularely!
  • Updated: New link in Standards; Why XP SP2 is a MUST, News, Links to free Anti virus added, Dangers updated, Link to the new Personall Firewall review, IPSec advice
  • Added: MS Security Readiness Kit link added , Protection against Computer Hijacking,
    • Energy Secretary fires nuclear security chief apparently for bad information security. More here.
    13 January 2006
    No big virus out breaks for long time.
    3 January 2006

    DISCLAIMER:
    The information contained within this site is provided for informational purposes only and without any warranty whatsoever. SOHO Data Defence recommends consulting your security policy and IT security personnel when responding to any security-related information (including from this site). SOHO Data Defence is not responsible for any errors or omissions on this site. SOHO Data Defence is not responsible for the accuracy or completeness of any content of any other Web site linked to and from the SOHO Data Defence Web site.

    Copyright © 2002-2003 by Soho Data Defence, Victoria Australia All rights reserved.