Frequently Asked Questions For
Information Security Intelligence: Cryptographic Principles & Applications

It is common, for performance reasons, to sign a message digest of a message rather than the message itself. Why is it so important that it be difficult to find two messages with the same message digest?

The concept of a message digest is to create a one way function that maps a message of an arbitrary length to a fixed length output, via a method which is impossible to reverse. By successfully creating this scheme we can perform integrity checks on data and verify the identity of a sender (via a cryptographic checksum (MAC) or digital signature). It can be said that if two messages map to the same message digest (as was the case with SHA) then the method is broken and not valid. This is because if two messages map to the same message digest then it would be feasible for the attacker to perhaps (as unlikely as that might be) alter or substitute a message to the receiver without him/her knowing that the message has been changed or is fraudulent (in the case of a MAC).


Many of the answers to FAQs are from lectures presented at JWU.