PerlMonks
Re^4: MD5 - what's the alternative
by Aristotle (Chancellor) on Aug 29, 2004 at 22:48 UTC ( [id://386813]=note )
You missed the point again. Here's how cryptographic signatures work:

Alice has a pair of keys. The encryption key is secret, the decryption key is published. Alice wants to send a message to Bob such that Bob can be sure the message has not been altered in transit. To that end, she encrypts a hash of her message with her secret encryption key, attaches the encrypted hash to the message, and sends them both together to Bob, over the same channel. She does not need to encrypt her message. Bob can use Alice's published decryption key to decrypt the hash to verify the message against it, and can be sure that the message has not been tampered with.

If Eve intercepts the message, she cannot send Bob an altered message with a new hash, because it would have to be encrypted using Alice's secret. Therefore, even though the message has been sent in the clear over an insecure channel, Bob can trust it as much as he trusts Alice's published key.

But if Eve can feasibly find a collision in the hash function, she doesn't have to know Alice's key; she can just pad the altered message such that it matches the hash previously calculated and encrypted by Alice. Bob can no longer trust the message any more than he could without the addition of the hash.

Makeshifts last the longest.
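The scheme and the failure mode described in the post above, as an added Python example that is not part of the original thread. It assumes a toy textbook-RSA key built from two publicly known Mersenne primes and uses SHA-256 cut to 2 bytes as a constructed stand-in for a hash in which matches are feasible to find; all function names and sample messages are hypothetical.

```python
import hashlib

# Toy textbook-RSA key from two publicly known Mersenne primes (constructed for
# illustration: no padding, factors not secret). Never use for real signing.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                    # Alice's published "decryption" key
D = pow(E, -1, (P - 1) * (Q - 1))      # Alice's secret "encryption" key

def digest(message: bytes, nbytes: int) -> int:
    """SHA-256 cut to nbytes. nbytes=2 is a constructed stand-in for a hash
    in which matches are feasible to find; nbytes=32 is full SHA-256."""
    return int.from_bytes(hashlib.sha256(message).digest()[:nbytes], "big")

def sign(message: bytes, nbytes: int) -> int:
    """Alice: encrypt the hash of the message with the secret key."""
    return pow(digest(message, nbytes), D, N)

def verify(message: bytes, signature: int, nbytes: int) -> bool:
    """Bob: decrypt the attached hash with the published key and compare."""
    return pow(signature, E, N) == digest(message, nbytes)

def pad_to_match(altered: bytes, target: int, nbytes: int, limit: int):
    """Eve: append padding until the altered message hashes to Alice's value.
    Needs no key. Returns None if nothing matches within `limit` tries."""
    for i in range(limit):
        candidate = altered + b" #%d" % i
        if digest(candidate, nbytes) == target:
            return candidate
    return None

ORIGINAL = b"Pay Bob 10 dollars"       # constructed sample messages
ALTERED = b"Pay Eve 10000 dollars"

def demo():
    weak_sig = sign(ORIGINAL, 2)
    forged = pad_to_match(ALTERED, digest(ORIGINAL, 2), 2, limit=1 << 20)
    strong_sig = sign(ORIGINAL, 32)
    strong_try = pad_to_match(ALTERED, digest(ORIGINAL, 32), 32, limit=100_000)
    return {
        "weak_hash_forgery_verifies": forged is not None and verify(forged, weak_sig, 2),
        "same_forgery_under_sha256": forged is not None and verify(forged, strong_sig, 32),
        "sha256_match_found": strong_try is not None,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The signature over the 2-byte hash verifies for the padded, altered message even though Alice's secret key was never used by Eve; the same padded message fails against a signature over the full SHA-256 value.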