Link to home
Start Free TrialLog in
Avatar of James Bunch
James BunchFlag for United States of America

asked on

Understanding Hash Functions, Network+ Exam

Hello,

       I am running through the securing TCP/IP of the N10-06 certification and having difficulty understanding the use of Hash. I get the process of using the algorithm to change the data, but what I don't understand is how that is applied and how it is decrypted on the receiving side to get the data. I have read that it is a One-Way system and cannot be decrypted, but if that is the case how does the recipient decrypt it? Is there a public key sent with the hash and what portion of my computer actually does the decryption. I've been Googling on this a while and reading Mike Myers book as well as Professor Messers video on it, but I am only getting vague descriptions on the intent and concept but not how its staged and executed. Does anyone have any sage advice on this?

Thanks!
SOLUTION
Avatar of Alan
Alan
Flag of New Zealand image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of James Bunch

ASKER

@Alan So the HASH itself does not contain the data directly like in cipher blocks or streams, its just a equation used on both ends to verify it matches exactly? Kind of like the concept of FCS of a frame? So the hash AND the data are sent to the recipient and then the receiving system runs the hash "Re-Hash" and compares its answer with the one that came from the sender?

If this is so, do the hash and data go at the same time, or does it act kind of like  a certificate when accessing a secure site. You request data, the hash is sent to you and when its confirmed you received it then the data comes in a sequential transmission?

Sorry to ask so many questions. It is just hard to move forward with learning this stuff if I don't feel 100% confident I get the process.
@Dr. Klahn  
At no time did the actual password travel over the network - though the connection should obviously be encrypted, even though the password is salted.

Your response was submitted when I was responding to Alan, sorry. But with your quote above, since the hash has not been submitted at this point of verification, once the systems agree the data is valid, does it then send the password across? Or does it not even need too since the authentication system knows the hash is valid and assumes from that point.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Dr. Klahn
Dr. Klahn

That would depend on the programs using the communication channel.  However, if the systems are using hash confirmation, there is probably no value in sending the password because the receiving system probably does not know the password.  All it has stored is the hash, or possibly hashes if multiple hash algorithms are being used.
Okay now some of these details in the book/study material are making sense based off of the responses. Thank you all for elaborating, you are awesome!