Saturday, October 13, 2007

Hashing, MACs and Digital Signatures in .NET

Hashing, MACs, and Digital Signatures in .NET


  • The reason for performing hashing is to ensure data integrity
  • Hashing is simply a process whereby you calculate a hash code from some data. The generated hash code is mathematically derived and is unique and specific for the data it was derived from.
  • This is what makes hashing extremely useful in checking if data has been modified or damaged since it was either last saved or sent over the network.
  • For example, Bob sends Alice some data and Alice wants a means to check if the data has been modified. Bob creates a hash code of his data and sends both the data and the hash code to Alice. Alice then creates her own hash code from Bob's data using the same hashing algorithm used by Bob and compares her hash code against Bob's hash code. If there is a match then the data has not been modified.
  • Some hashing algorithms include MD5, SHA1, and SHA256.

Message Authentication Codes (MAC)

  • Hashing does not provide security against attack
  • MACs use symmetric encryption methods to protect the sent hash. Symmetric encryption uses one private session key and both the sender and receiver require to have a copy of this key.
  • For example, Bob sends Alice some data. He generates a hash of the data and encrypts the hash using the symmetric key. Both the data and the encrypted hash are sent to Alice.
    Alice, who also has the session key, generates her own hash from the data and encrypts it using the session key. She then checks her encrypted hash against the encrypted hash Bob sent. If they match the data is unchanged. Any man in the middle attacks no longer work as the middle man does not have the session key and therefore cannot generate a valid encrypted hash for the message.
  • Essentially a MAC is just an encrypted hash. It's a combination of an encryption session key and a hashing algorithm.
  • Some example methods available in .NET include HMACMD5 a MAC algorithm based on MD5 hashing, and HMACSHA1 a MAC algorithm based on SHA1 hashing.

Digital Signatures

  • Digital signatures are an adaptation of MAC that provide the same advantages but with the added ability to verify the data's source/sender. MACs only verify that the data never changed but they cannot be used to check that the data actually came from the person who claims to have sent it.
  • The only real difference in MAC and digital signatures is the key used to encrypt the hash. In MACs the key is a shared symmetric session key. In digital signature the keys used are public/private asymmetric keys.
  • With digital signatures the sender encrypts the hash using their private key while the receiver verifies the digital signature using the sender's public key. Of course since the public key is more freely available then anyone can verify the message's source.
  • For example, Bob wants to send Alice some data and Alice wants to be able to check the data was unchanged and came from Bob. Bob creates the hash and encrypts it into a digital signature using his private key. He sends the data and the digital signature over to Alice.
    Alice uses Bob's public key to verify that the digital signature was created using Bob's corresponding private key. If everything checks out then Alice knows the message hasn't been modified and that it came from Bob.
  • .NET provides DSA and XML Digital Signatures for creating digital signatures.

blog comments powered by Disqus