Data integrity authentication schemes.

In this Ask the Expert Q&A, Joel Dubin, our identity and access mangement expert examines various data integrity authentication schemes.

Joel Dubin

Is there a data integrity authentication scheme, like message authentication code (MAC), that will allow me to authenticate the integrity of the data without attaching MAC?

Message authentication code (MAC) is probably still your best bet if you want to authenticate the integrity of your data. However, if you'd prefer not to use MAC, another option is to use hashing algorithms.

The key is to check the integrity of your data, rather than authenticate the user. Hashing algorithms alone serve this purpose fine. Unlike MAC, they don't require keys to create the hash. Instead, they rely on standard, readily-available algorithms. A popular hashing algorithm is MD5, which is universally supported on both UNIX and Windows with standard tools, some already bundled with the operating system, others free for download on the Web. MD5 is a 128-bit one-way hash, which means it can only be encrypted, but it also doesn't need to be decrypted. But that's not the point because hashing isn't about confidentiality. It's about integrity. For example, the hashed message can be sent separately from the original message. The receiver can take the message, use an MD5 tool to hash it on their side, and then compare it with the hash sent with the original message. If the two match, then the message hasn't been touched or altered in transit.

This was last published in March 2006

Data integrity authentication schemes.

In this Ask the Expert Q&A, Joel Dubin, our identity and access mangement expert examines various data integrity authentication schemes.

Dig Deeper on Data security strategies and governance

MD5

MD5 vulnerability renews calls for faster SHA-256 transition

Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool

Pretty Good Privacy (PGP)

Related Q&A from Joel Dubin

What's the purpose of CAPTCHA technology and how does it work?

Single sign-on best practices: How can enterprises get SSO right?

Options for a mechanical door security system on a server room door

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

Boost security with a multi-cloud workload placement process

Tackle identity management in the cloud with AaaS or IDaaS

Benefits of cloud data discovery tools and services multiply

SearchNetworking

RSA 2020: US needs allies to battle China's 5G threat

Networking startup Arrcus wins TechTarget innovation award

What do 2G and 3G sunset dates mean for business customers?

SearchCIO

Quantum information science continues to advance with federal efforts

Hyperautomation: The most significant RPA trend of 2020

How ITSM services on mobile devices power employees, boost service

SearchEnterpriseDesktop

Windows 10X OS may be a preview of features to come

5 up-and-coming Mac management software vendors to know

Latest Windows 10 update issue another QA stain

SearchCloudComputing

Get to know the core Oracle IaaS offerings

Compare serverless tools and services in the public cloud

Review the pros and cons of 8 common hybrid cloud use cases

ComputerWeekly.com

CIO interview: Ian Cohen, chief product and technology officer, Addison Lee

NCSC makes ransomware attack guidance more accessible

Student Loans Company to enlist IT suppliers for £200m transformation plan