Solved

Difference betwen Hash and signature

Posted on 2010-09-06
6
488 Views
Last Modified: 2012-05-10
What is the main deference between, generate Hash or sign from a private key.
0
Comment
Question by:rflorencio
6 Comments
 
LVL 8

Expert Comment

by:Gururaj Badam
ID: 33612002
A signature contains the required Private/public key to encode/hash the data (Encrypt) so it can be safely sent over the wire.

Hashing is one of process while encrypting.
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 33612467
Hashing the data makes it unreadable and is a one-way operation (note that hashing is NOT the same as encrypting). Signing is a way of identifying and verifying the source of whatever is being hashed.
0
 
LVL 12

Expert Comment

by:Mohamed Abowarda
ID: 33612622
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 27

Accepted Solution

by:
Tolomir earned 450 total points
ID: 33613222
Hashing some content is often used for internal processing in most cases. You hash some data and store it into the database. Since it is a one-way function you always have to hash new data to be able to compare it with already hashed data (e.g. passwords) There are well know hash algorithms like md5.

Signing a message goes the same way. You create a hash value from the message, then you use your private key to encrypt that hash string.
Someone checking the signature requires your public key to generate the original hash value (this goes without the need of a password!) then you get a hash string. Now you hash (with the same hash function as the sender used like md5) the original message and compare both hashes - if they are equal the message is unchanged.

Someone without access to the private key of the sender is not able to create a signature that can be decrypted with the senders public key, so this is quite safe.
The advantage of using a hash function is, regardless how long the original message was, you always get the same hash length.
 
I hope this explains the procedure more clearly...

Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 33613243
I've md5 hashed my message:

98cef3ab28a226306049b774005c09ae

As you can see there is no way to get the original message back, the result of the hash function contains not enough data to be able to decrypt it.
But the hash string is perfect to fit into a signature of an email. Of cause it needs to be "encrypted" with a pgp private key to be safe from modifications.
0
 

Assisted Solution

by:andrew_smith
andrew_smith earned 50 total points
ID: 33616095
A hash allows you to detect if the message has changed since the hash was generated, typically this is checking for corruption in transit but it also allows you to detect if the message has been altered.
Of course if someone altered the message deliberately then they could generate a new hash. So a signature encrypts this with someones private key, which only the original creator should have. If you can decrypt the hash with that persons public key and it all matches up you now know that the message is intact and that it had to have come from the original sender (non-repudiation).

(we keep saying message here, but the same process scales up to files, media etc)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now