Archive-name: cryptography-faq/part07
Last-modified: 93/10/10
This is the seventh of ten parts of the sci.crypt FAQ. The parts are mostly independent, but you should read the first part before the rest. We don't have the time to send out missing parts by mail, so don't ask. Notes such as ``[KAH67]'' refer to the reference list in the last part.
The sections of this FAQ are available via anonymous FTP to rtfm.mit.edu
as /pub/usenet/news.answers/cryptography-faq/part[xx]. The Cryptography
FAQ is posted to the newsgroups sci.crypt, talk.politics.crypto,
sci.answers, and news.answers every 21 days.
Contents:
7.1. What is a one-way hash function?
7.2. What is the difference between public, private, secret, shared, etc.?
7.3. What are MD4 and MD5?
7.4. What is Snefru?
7.1. What is a one-way hash function?
A one-way hash function can be private or public, just like an encryption function. Here's one application of a public one-way hash function, like MD5 or Snefru. Most public-key signature systems are relatively slow. To sign a long message may take longer than the user is willing to wait. Solution: Compute the one-way hash of the message, and sign the hash, which is short. Now anyone who wants to verify the signature can do the same thing.
Another name for one-way hash function is message digest function.
7.2. What is the difference between public, private, secret, shared, etc.?
A public-key cryptosystem has public encryption and private decryption. Checksums, such as the application mentioned in the previous question, have public hashing and public verification. Digital signature functions have private hashing and public verification: only one person can produce the hash for a message, but everyone can verify that the hash is correct.
Obviously, when an algorithm depends on a private key, it's meant to be unusable by anyone who doesn't have the key. There's no real difference between a ``shared'' key and a private key: a shared key isn't published, so it's private. If you encrypt data for a friend rather than ``for your eyes only'', are you suddenly doing ``shared-key encryption'' rather than private-key encryption? No.
7.3. What are MD4 and MD5?
Note that a transcription error was found in the original MD5 draft RFC. The corrected algorithm should be called MD5a, though some people refer to it as MD5.
7.4. What is Snefru?
Return to Cryptosystems Journal Home Page
Next Page ("Crypto FAQ Part 6 of 10")
Previous Page ("Crypto FAQ Part 8 of 10")
Copyright © 1996 Cryptosystems Journal.
Most recent update on 28-SEP-96.
E-Mail to: Tony S. Patti, Editor & Publisher.