Hashing
in CISSP
I know hashing = Integrity. Questions are confusing when they are referring to hashing on the test. Sometimes they talk about hashing the private key and sometimes they talk about hashing the entire message (text). Am I interpreting things differently? How do I get around the gotchas with these questions on the test? Sorry for the dumb question.
Comments
Your example is the use of hashing in public key cryptography to test if a decrypted key or message has not changed since it was originally encrypted. The purpose of the hashing is the same for both the key and the message, but when, why, and how hashing is used is determined by the design of the public key cryptosystem. Understand the cryptosystem and you will understand its use of cryptographic hashing.
And there are never any dumb questions here!
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
For the latter - PBKDF, BCRYPT, SCRYPT - where the random salt is appended to the message and you apply your key algorithm to the message - e.g. HMAC 256. These are slower in nature and thus harder to brute-force, which is why they are used to hash your secrets/passwords.
Sorry for digressing. But the key thing is that you either add your public key (shared secret) to the message and hash it => called HMAC. Or you simply hash the message as part of your TLS connection - which will be your standard MAC function (e.g. MD5, SHA1 etc). If not part of the TLS tunnel, I believe it's the actual contents of the message that are hashed and sent along, and the hash value is then checked to see if it is the same - if so, then message integrity is intact.
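
Added example (not written by any poster in this thread): a Python standard-library sketch of the three uses of hashing the thread touches on, namely an unkeyed hash of a message, an HMAC computed with a shared secret key, and a salted, slow password hash (PBKDF2). The messages, key, password and iteration count are constructed for the demo.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # constructed work factor for this demo; tune for your hardware

def digest(message: bytes) -> str:
    """Unkeyed SHA-256: anyone, including a forger, can recompute it."""
    return hashlib.sha256(message).hexdigest()

def make_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256: only a holder of the shared secret key can produce the tag."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest runs in constant time, so timing does not leak the tag.
    return hmac.compare_digest(make_tag(key, message), tag)

def hash_password(password: str, salt: bytes = b""):
    """Salted, deliberately slow hash for storage; a fresh salt per password."""
    salt = salt or os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, derived

def check_password(password: str, salt: bytes, stored: bytes) -> bool:
    return hmac.compare_digest(hash_password(password, salt)[1], stored)

def forgery_demo() -> dict:
    """A message is replaced in transit; which integrity check notices?"""
    key = os.urandom(32)                   # shared secret, unknown to the forger
    original = b"pay alice 10"             # constructed sample messages
    forged = b"pay mallory 9999"
    old_tag = make_tag(key, original)
    sent_hash = (forged, digest(forged))   # unkeyed hash is simply recomputed
    sent_hmac = (forged, old_tag)          # no key, so no valid new tag
    return {
        "bare_hash_accepts_forgery": digest(sent_hash[0]) == sent_hash[1],
        "hmac_accepts_forgery": verify_tag(key, *sent_hmac),
        "hmac_accepts_original": verify_tag(key, original, old_tag),
    }

if __name__ == "__main__":
    print(forgery_demo())
```

A hash that travels beside the message only catches accidental change; it takes a key (HMAC) or a digest obtained over a trusted channel to catch deliberate modification.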