
A word about Cryptographic hashing
- Given that the semester is ending in a few minutes, I won't say
a lot about cryptographic hash functions. Having mentioned
them earlier, however, I feel obliged to briefly explain what
they are.
- Basically, a cryptographic hash function is somewhat like a checksum.
The idea is that given a message, one computes a checksum
that somehow summarizes the message in a way that makes it
unlikely that another message produced randomly (or deliberately)
will have the same checksum.
- The extra properties that make a cryptographic hash different
from a checksum are that:
  - Given one message's hash, it should be hard to find another
  message with the same hash.
  - It should be hard to find any two messages with the same
  hash.
- The best known use of such functions is password encrypting.
  - It is dangerous to store passwords in a file that could
  later be read (even if reading it would require decryption).
  - Instead, many systems only store "hashes" of the passwords.
  When a password is entered, it is hashed and the result
  is compared to the stored hash.
  - Since it is hard to find a password with a given hash,
  being able to read the file does not help one guess
  passwords.
- Hashes are also sometimes used to reduce the cost of "signing"
messages. Instead of actually signing the message, one can
just sign a hash of the message. If hashing is cheaper than the
encryption scheme used for signing, this saves effort.
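
The store-and-compare scheme described above for passwords, as an added Python example that is not part of the original lecture notes. It goes beyond the notes by salting each password and using the deliberately slow PBKDF2-HMAC-SHA256 instead of a single hash; the iteration count, the `PasswordFile` class and the sample account are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Assumed parameters for this sketch; they do not come from the lecture notes.
ITERATIONS = 200_000
SALT_BYTES = 16


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, digest); these two values are all that gets stored."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for each account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(candidate: str, salt: bytes, stored: bytes) -> bool:
    """Hash the entered password and compare the result to the stored hash."""
    _, digest = hash_password(candidate, salt)
    return hmac.compare_digest(digest, stored)  # constant-time comparison


class PasswordFile:
    """In-memory stand-in for the password file: user -> (salt, digest)."""

    def __init__(self) -> None:
        self._records: dict[str, tuple[bytes, bytes]] = {}

    def enroll(self, user: str, password: str) -> None:
        # The plaintext password is never kept, only its salted hash.
        self._records[user] = hash_password(password)

    def login(self, user: str, password: str) -> bool:
        record = self._records.get(user)
        if record is None:
            # Unknown user: do the same hashing work so response time
            # does not reveal which accounts exist.
            hash_password(password, b"\x00" * SALT_BYTES)
            return False
        salt, stored = record
        return verify_password(password, salt, stored)


if __name__ == "__main__":
    db = PasswordFile()
    db.enroll("alice", "correct horse battery staple")  # constructed sample data
    print(db.login("alice", "correct horse battery staple"))
    print(db.login("alice", "wrong guess"))
```

Because each account gets its own salt, two users with the same password end up with different stored hashes, so a reader of the file cannot tell which accounts share a password.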
Computer Science 336
Department of Computer Science
Williams College