
Ensuring Even Distribution of Hash Values

Because of the potential for collisions (duplicate hash values for different documents), designers of hashing functions take extra care to ensure an even distribution of hash values. That is, if there are 16 possible hash values, approximately as many documents should hash to ‘9’ as to ‘13’. If 99% of documents hash to ‘15’ using a particular hashing algorithm, that algorithm doesn’t have an even distribution and is thus weaker than those that do. Because of the requirement for an even distribution of hash values, good hashing algorithms tend to be computationally complex, taking a relatively significant amount of CPU time to perform. The evenness of distribution doesn’t have to be perfect, but the more evenly distributed the potential hash values are, the more difficult it is to find a plausible duplicate document.
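The following added example (not part of the original guide) measures the distribution described above: it spreads 16,000 constructed documents over 16 possible hash values, once with a deliberately weak hash and once with SHA-256 truncated to 4 bits. The function names, the weak hash and the sample documents are assumptions made for illustration.

```python
import hashlib
from collections import Counter

BUCKETS = 16  # the guide's example: 16 possible hash values


def weak_hash(doc: bytes) -> int:
    """Constructed weak hash (assumption): document length modulo 16."""
    return len(doc) % BUCKETS


def strong_hash(doc: bytes) -> int:
    """SHA-256 truncated to its top 4 bits, giving 16 possible values."""
    return hashlib.sha256(doc).digest()[0] >> 4


def distribution(hash_fn, docs):
    """Count how many documents land on each of the 16 hash values."""
    counts = Counter(hash_fn(d) for d in docs)
    return [counts.get(v, 0) for v in range(BUCKETS)]


def chi_square(counts):
    """Pearson chi-square against a perfectly even spread (lower = more even)."""
    expected = sum(counts) / len(counts)
    return sum((c - expected) ** 2 / expected for c in counts)


def sample_documents(n=16000):
    """Constructed sample: n invoice-like documents differing only in a number."""
    return [f"Invoice #{i:06d}: pay 100.00 USD".encode() for i in range(n)]


def compare(n=16000):
    """Return the 16-slot distribution of each hash over the same documents."""
    docs = sample_documents(n)
    return {name: distribution(fn, docs)
            for name, fn in (("weak", weak_hash), ("sha256/4bit", strong_hash))}


if __name__ == "__main__":
    for name, counts in compare().items():
        print(f"{name:12s} max share={max(counts) / sum(counts):.1%} "
              f"chi2={chi_square(counts):.1f} counts={counts}")
```

Every sample document is 31 bytes long, so the weak hash sends all of them to ‘15’, while the truncated SHA-256 values fall close to 1,000 per slot. With far more documents than hash values, both functions necessarily produce collisions; only the even one makes the choice of slot unpredictable.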

It is impossible to ascertain the contents of a program or message from the hash value alone. That is, the hashing algorithm is one way. You can put a document through a hashing algorithm and get back a hash value as a result. However, you cannot put a hash value through a hashing algorithm and get back the original document as a result. Why is this? For the same reason that a bitmap compressed into a JPEG file can’t be turned back into the original bitmap with complete accuracy – the hash is only a “summary” of the original document, and some information is lost during the summarization process.

Odds Are?

It is possible (but not necessarily likely) for different documents to have the same hash value.

However, it is considered computationally infeasible to modify a message and have it hash to the same sum as the original message, in a way that is not obviously detectable. Most likely, other messages hashing to the same sum would appear to be gibberish.

It is impossible to determine the contents of a message from the hash value alone. This means that the hashing algorithms in common use are “one-way”.




CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.