About our courses

Through years of experience working with more than 1000 top companies in the world, we ́ve architected the Readynez method for learning.
Train in any technology using the award-winning Readynez method and combine any variation of learning style, technology and place, to take learning ambitions from intent to impact.

Learn more about Readynez Training

Kevin Henry - Understanding Cryptography: The Assurance of Message Integrity

Aug 2021 by MARIA FORSBERG

Continuing this discussion in the area of Cryptography, we need to look briefly at how we ensure message integrity.

In the early days of network communications, we saw that noise on the transmission lines and cables often led to errors in the transmitted message. Most older cables were subject to static interferences and this could cause a bit to flip to a different value as it was being transmitted. 

To overcome this, the idea of parity bits was introduced, using a simple XOR (Exclusive-OR) calculation that would indicate the error. The use of check-digits that were built into catalogue numbers or payment card numbers could help ensure that those values were also correct. 

The integrity of the file on a floppy drive or CD (Compact Disk) was proven through the use of Cyclic Redundancy Checks (CRC). All of these methods provided some basic protection against errors, especially when the errors were not introduced intentionally.    

What are hashing algorithms?

The development of hashing algorithms allowed a higher degree of accuracy, hence, even more assurance. 

A hashing algorithm runs a mathematical calculation against an entire message and generates a value or digest (also known as a message digest, hash, fingerprint, or thumbprint). The digest itself is a fixed-length value, usually shorter than the message, but since it is calculated against the entire message it is very sensitive to any changes, anywhere in the message. An alteration of one bit in the message will typically result in at least 40% of the associated hash value changes. 

What are the most commonly used?

Hashing algorithms commonly in use include the Message Digest series MD4 and MD5, (these are still in use even though they are at end of life and should only be used in legacy applications, and MD6. There is also the Secure Hashing Algorithms SHA-1, SHA-2 (which is SHA-256 and SHA-512). 

The next hashing standard, SHA-3, although this standard maintains the SHA naming convention it is in fact a completely different from previous versions and is based on an algorithm known as Keccak. SHA3 is not an upgrade from earlier versions of SHA but rather a direct replacement.

The digest calculated from the message is sent along with (appended to) the message. The recipient (a system, process, or person) will run the received message through the same algorithm. This will generate a digest of the received message that should be the same as the digest that was appended to the message. 

This proves that the message received was the same as the one that was sent. However, this process may be subject to a MITM (Man in the Middle) attack. A Man-in-the-Middle would be able to change or modify both the message and the appended hash and deceive the recipient into thinking that the altered message was the one that was sent. 

So in our next blog, we will examine how to protect a simple message integrity process from an intentional attack.    

Are you with us so far? Keep an eye out for the next blog in the series, or join us for a training course, if you´re keen to learn faster.

We love to teach and share our passion – come join us at Readynez :)

You may be interested in these 1-day Masterclasses with Kevin:

You´re invited to join this live learning experience in a virtual space where you will get full access to insights and innovation from the true authorities.

We think you´re going to love these - Learn more and book directly on the links below:

 

Security - with Kevin Henry

Live Virtual Masterclass: CISSP Overview

Live Virtual Masterclass: CISM Overview

 

Come alone or bring your team for a strengthened direction with a tangible impact - but, don´t wait too long to book - seats are obviously very limited for this unique experience.

About Kevin Henry:

Your instructor has probably taught more IT-Security students than anyone else in the world and helped thousands of people prepare for the examination. As the former co-chair of the ISC2 CISSP CBK, he will provide you with valuable insight into the do's and don'ts of Security training and provide tips on how to plan your own training roadmap. 

Learn more about Kevin here

GET INSPIRED

Latest from the blog

How to Pass the PL-200 exam and become a Microsoft Certified Power Platform Functional Consultant

READ MORE

How to clear the PL-300 exam and become a Microsoft Certified Power BI Data Analyst

READ MORE

MB-300 Exam Preparation and How to become a Microsoft Dynamics 365 Core Finance and Operations Consultant

READ MORE

3 Tips to get prepared

Facilities

Latest resources, technology and programs for all our candidates.

Culture

Educate and create a security culture.

Plan

Address communications with clients, employees, suppliers, media and regulatory bodies.

Are you ready for a new career?

For over a decade, Readynez consultants have been enabling digital transformation with cutting-edge Training, Talent and Learning Services in every type of business – big and small. All over the world.

Where do you start?
With Readynez services that support every vision, you will soon be ready for the future, with speed and reliability.

Subscribe to Tech Blogs

Stay up to date on current developments in the Tech world related to Skills.

Basket

{{item.CourseTitle}}

Price: {{item.ItemPriceExVatFormatted}} {{item.Currency}}