The key is to check the integrity of your data, rather than authenticate the user. Hashing algorithms alone serve this purpose fine. Unlike MAC, they don't require keys to create the hash. Instead, they rely on standard, readily-available algorithms. A popular hashing algorithm is MD5, which is universally supported on both UNIX and Windows with standard tools, some already bundled with the operating system, others free for download...
on the Web. MD5 is a 128-bit one-way hash, which means it can only be encrypted, but it also doesn't need to be decrypted. But that's not the point because hashing isn't about confidentiality. It's about integrity. For example, the hashed message can be sent separately from the original message. The receiver can take the message, use an MD5 tool to hash it on their side, and then compare it with the hash sent with the original message. If the two match, then the message hasn't been touched or altered in transit.
Dig Deeper on Enterprise Data Governance
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.