Tuesday, October 9, 2012

HMACSHA256/512 - Data integrity

Today, I'm studying the two algorithms below.

  • SHA256
  • SHA512

HMACSHA256 and HMACSHA512 each compute a Hash-based Message Authentication Code (HMAC), using the SHA256 or SHA512 hash function respectively. The purpose of the algorithm is to maintain the integrity of data during any operation, such as transfer, storage or retrieval.

An HMAC can be used to determine whether a message sent over an insecure channel has been tampered with, provided that the sender and receiver share a secret key. The sender computes the hash value for the original data and sends both the original data and hash value as a single message. The receiver recalculates the hash value on the received message and checks that the computed HMAC matches the transmitted HMAC.
Any change to the data or the hash value results in a mismatch, because knowledge of the secret key is required to change the message and reproduce the correct hash value. Therefore, if the original and computed hash values match, the message is authenticated.

Refer: http://msdn.microsoft.com/en-us/library/system.security.cryptography.hmacsha256.aspx

I would like you to run these samples and try to understand the difference between the 256 and 512 algorithms.
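The sender/receiver exchange described above, as an added example that is not part of the original post or of the MSDN page. It uses the .NET `HMACSHA256` and `HMACSHA512` classes with a randomly generated shared key; the class name `HmacDemo`, the helpers `Sign`, `Verify` and `Run`, and the sample message are assumptions made for the illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class HmacDemo
{
    // Sender side: tag = HMAC(key, message). The tag travels with the message.
    // An HMACSHA256 tag is 32 bytes long, an HMACSHA512 tag is 64 bytes long.
    static byte[] Sign(HMAC mac, byte[] message) => mac.ComputeHash(message);

    // Receiver side: recompute the tag and compare it without an early exit,
    // so the comparison time does not reveal how many leading bytes matched.
    static bool Verify(HMAC mac, byte[] message, byte[] tag)
    {
        byte[] expected = mac.ComputeHash(message);
        if (expected.Length != tag.Length) return false;
        int diff = 0;
        for (int i = 0; i < expected.Length; i++) diff |= expected[i] ^ tag[i];
        return diff == 0;
    }

    static void Run(string name, HMAC mac)
    {
        // Constructed sample message for the demonstration.
        byte[] message = Encoding.UTF8.GetBytes("transfer 100 to account 42");
        byte[] tag = Sign(mac, message);
        Console.WriteLine("{0}: tag is {1} bytes", name, tag.Length);
        Console.WriteLine("  untouched message verifies: {0}", Verify(mac, message, tag));

        byte[] tamperedMessage = (byte[])message.Clone();
        tamperedMessage[9] ^= 0x01;   // flip one bit of the data
        Console.WriteLine("  tampered message verifies:  {0}", Verify(mac, tamperedMessage, tag));

        byte[] tamperedTag = (byte[])tag.Clone();
        tamperedTag[0] ^= 0x01;       // flip one bit of the transmitted tag
        Console.WriteLine("  tampered tag verifies:      {0}", Verify(mac, message, tamperedTag));
    }

    static void Main()
    {
        // Shared secret: random bytes known only to the sender and the receiver.
        byte[] key = new byte[64];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);

        using (var h256 = new HMACSHA256(key)) Run("HMACSHA256", h256);
        using (var h512 = new HMACSHA512(key)) Run("HMACSHA512", h512);
    }
}
```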

Rule - Only use strong cryptographic algorithms

Only use approved public algorithms such as AES, RSA public key cryptography, and SHA-256 or better for hashing. Do not use weak algorithms, such as MD5 or SHA1. Note that the classification of a "strong" cryptographic algorithm can change over time. This article was written on 09 October 2012.

Refer: https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet

Tks Lapuinka.