Solved

Difference betwen Hash and signature

Posted on 2010-09-06
6
490 Views
Last Modified: 2012-05-10
What is the main deference between, generate Hash or sign from a private key.
0
Comment
Question by:rflorencio
6 Comments
 
LVL 8

Expert Comment

by:Gururaj Badam
ID: 33612002
A signature contains the required Private/public key to encode/hash the data (Encrypt) so it can be safely sent over the wire.

Hashing is one of process while encrypting.
0
 
LVL 52

Expert Comment

by:Carl Tawn
ID: 33612467
Hashing the data makes it unreadable and is a one-way operation (note that hashing is NOT the same as encrypting). Signing is a way of identifying and verifying the source of whatever is being hashed.
0
 
LVL 12

Expert Comment

by:Mohamed Abowarda
ID: 33612622
0
Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

 
LVL 27

Accepted Solution

by:
Tolomir earned 450 total points
ID: 33613222
Hashing some content is often used for internal processing in most cases. You hash some data and store it into the database. Since it is a one-way function you always have to hash new data to be able to compare it with already hashed data (e.g. passwords) There are well know hash algorithms like md5.

Signing a message goes the same way. You create a hash value from the message, then you use your private key to encrypt that hash string.
Someone checking the signature requires your public key to generate the original hash value (this goes without the need of a password!) then you get a hash string. Now you hash (with the same hash function as the sender used like md5) the original message and compare both hashes - if they are equal the message is unchanged.

Someone without access to the private key of the sender is not able to create a signature that can be decrypted with the senders public key, so this is quite safe.
The advantage of using a hash function is, regardless how long the original message was, you always get the same hash length.
 
I hope this explains the procedure more clearly...

Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 33613243
I've md5 hashed my message:

98cef3ab28a226306049b774005c09ae

As you can see there is no way to get the original message back, the result of the hash function contains not enough data to be able to decrypt it.
But the hash string is perfect to fit into a signature of an email. Of cause it needs to be "encrypted" with a pgp private key to be safe from modifications.
0
 

Assisted Solution

by:andrew_smith
andrew_smith earned 50 total points
ID: 33616095
A hash allows you to detect if the message has changed since the hash was generated, typically this is checking for corruption in transit but it also allows you to detect if the message has been altered.
Of course if someone altered the message deliberately then they could generate a new hash. So a signature encrypts this with someones private key, which only the original creator should have. If you can decrypt the hash with that persons public key and it all matches up you now know that the message is intact and that it had to have come from the original sender (non-repudiation).

(we keep saying message here, but the same process scales up to files, media etc)
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question