Integrity verifies that data has not been modified. If you’re planning to take the Security+ exam, you should have a basic understanding of appropriate cryptographic methods. This includes using hash-based message authentication code that provides both integrity and authenticity of messages.
For example, can you answer this question?
Q. Users in your organization sign their emails with digital signatures. What provides integrity for these certificates?
A. Hashing
B. Encryption
C. Non-repudiation
D. Private key
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
HMAC
Another method used to provide integrity is with a Hash-based Message Authentication Code (HMAC). An HMAC is a fixed-length string of bits similar to other hashing algorithms such as MD5 and SHA-1 (known as HMAC-MD5 and HMAC-SHA1). However, HMAC also uses a shared secret key to add some randomness to the result and only the sender and receiver know the secret key.
For example, imagine that one server is sending a message to another server using HMAC-MD5. It starts by first creating a hash of a message with MD5 and then uses a secret key to complete another calculation on the hash. The server then sends the message and the HMAC-MD5 hash to the second server. The second server performs the same calculations and compares the received HMAC-MD5 hash with its result. Just as with any other hash comparison, if the two hashes are the same, the message retained integrity, but if the hashes are different, the message lost integrity.
The HMAC provides both integrity and authenticity of messages. The MD5 portion of the hash provides integrity just as MD5 does. However, because only the server and receiver know the secret key, if the receiver can calculate the same HMAC-MD5 hash as the sender, it knows that the sender used the same key. If an attacker was trying to impersonate the sender, the message wouldn’t pass this authenticity check because the attacker wouldn’t have the secret key. Internet Protocol security (IPsec) and Transport Layer Security (TLS) often use a version of HMAC such as HMAC-MD5 and HMAC-SHA1.
Remember this
Two popular hashing algorithms used to verify integrity are MD5 and SHA. HMAC verifies both the integrity and authenticity of a message with the use of a shared secret. Other protocols such as IPsec and TLS use HMAC-MD5 and HMAC-SHA1.
Hashing Files
Many applications calculate and compare hashes automatically without any user intervention. For example, digital signatures (described later) use hashes within email, and email applications automatically create and compare the hashes.
Additionally, there are several applications you can use to manually calculate hashes. As an example, md5sum.exe is a free program anyone can use to create hashes of files. A Google search on “download md5sum” will show several locations. It runs the MD5 hashing algorithm against a file to create the hash.
Imagine that you downloaded a patch file from a vendor’s site. Before posting the files to the web site, an administrator used a program (such as md5sum) to calculate the hash of the file and posted the hash as an MD5 checksum of 367f0ed4ecd70aefc290d1f7dcb578ab.
After downloading the file, you can calculate the hash to verify the file hasn’t lost integrity. The following figure shows one method of calculating the hash of the file. In the figure, I first used the dir command to list the two files in the directory (applicationPatch.exe and md5sum.exe). I then ran md5sum against the patch file three times. Each time, md5sum created the same hash 367f0ed4ecd70aefc290d1f7dcb578ab.
Calculating a hash with md5sum
The figure demonstrates two important points:
- The hash will always be the same no matter how many times you calculate it.
In the figure, I ran md5sum three times, but it would give me the same result if I ran it 3,000 times. - Hashing verifies the file has retained integrity.
Because the calculated hash is the same as the MD5 checksum posted on the vendor’s site, it verifies the file has not lost integrity.
In contrast, if md5sum created a different hash than the one posted on the web site, I’d know that the file lost integrity. I wouldn’t necessarily know why the file lost integrity. An attacker may have infected it with malware, or it may have lost a bit or two during the transfer. However, I do know that the integrity of the file is lost and the file should not be trusted.
It’s worth stressing that hashes are one-way functions. In other words, you can calculate a hash on a file or a message, but you can’t use the hash to reproduce the original data. The hashing algorithms always create a fixed-size bit string regardless of the size of the original data.
As an example, the MD5 hash from the message “I will pass the Security+ exam” is: 5384128261CF2EEA6D90ADACE48CD41B. However, you can’t look at the hash and identify the message, or even know that it is a hash of a message.
The hash shown in the figure was calculated on a 35 MB executable file. However, the hash doesn’t give you a clue about the size of the file, the type of the file, or anything else. It could just as easily be a single sentence message, a 10 KB email, a 7 GB database file, or something else.
Q. Users in your organization sign their emails with digital signatures. What provides integrity for these certificates?
A. Hashing
B. Encryption
C. Non-repudiation
D. Private key
Answer is A. Hashing provides integrity for digital signatures and other data.
A digital signature is a hash of the message encrypted with the sender’s private key, but the encryption doesn’t provide integrity.
The digital signature provides non-repudiation, but non-repudiation does not provide integrity.
The private key and public key are both needed, but the private key does not provide integrity.