Cryptography Overview
48 RSA BSAFE Crypto-C Developers Guide
It is computationally infeasible to produce data that has a specific digest (preimage
resistance). In other words, given a particular digest value of the proper size, it is
virtually impossible to find a unit of data that digests to that value.
It is computationally infeasible to produce two different units of data that produce
the same digest (collision resistance). In particular, given some data, it is virtually
impossible to create different data that will digest to the same value as the first
(second-preimage resistance). This quality is also called collision-free.
Message digests have many uses. They can be used to check the integrity of data, for
instance. To do so, digest the data and save the digest. Later, if you need to see whether
the data has been altered, digest it again and compare the new digest to the old. If the
digests are different, the data is different. Although other sets of data exist that digest
to the original value, it is virtually impossible to find them. Minor changes in data will
produce very different digests. Note that a digest by itself does not authenticate the
origin of the data: anyone who can alter the data can also recompute its digest, so the
saved digest must itself be protected, for example by storing it where an attacker cannot
write, by signing it, or by computing it with a secret key.
Crypto-C includes the MD, MD2, MD5, and SHA1 message digest algorithms. MD is
included for backward compatibility with BSAFE 1.x. MD, MD2, and MD5 produce a
16-byte digest for any input message; SHA1 produces a 20-byte digest. MD5 is the
fastest message digest algorithm implemented in Crypto-C.
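The integrity check described above, as an added example using Python's hashlib rather than Crypto-C's own API. It saves a digest of a constructed sample record, checks the unchanged and a tampered copy against it, and counts how many digest bits a one-character change flips (the avalanche effect), for both the 16-byte MD5 and 20-byte SHA1 digests listed above. The record contents and function names are the example's own.

```python
import hashlib
import hmac


def digest_data(data: bytes, algorithm: str = "sha1") -> bytes:
    """Return the raw digest of data; algorithm is a hashlib name ("md5", "sha1")."""
    return hashlib.new(algorithm, data).digest()


def check_integrity(data: bytes, saved_digest: bytes, algorithm: str = "sha1") -> bool:
    """Re-digest data and compare it with the digest saved earlier.

    hmac.compare_digest runs in constant time, so the comparison itself does not
    leak how many leading bytes of the digest matched.
    """
    return hmac.compare_digest(digest_data(data, algorithm), saved_digest)


def differing_bits(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


# Constructed sample record; TAMPERED changes one digit of the account number.
ORIGINAL = b"transfer 100.00 to account 12345"
TAMPERED = b"transfer 100.00 to account 12346"


def demo() -> dict:
    """Save a digest of ORIGINAL, then check ORIGINAL and TAMPERED against it."""
    results = {}
    for algorithm in ("md5", "sha1"):
        saved = digest_data(ORIGINAL, algorithm)
        results[algorithm] = {
            "digest_len": len(saved),
            "unchanged_ok": check_integrity(ORIGINAL, saved, algorithm),
            "tampered_ok": check_integrity(TAMPERED, saved, algorithm),
            # avalanche effect: a one-character change flips roughly half the bits
            "bits_changed": differing_bits(saved, digest_data(TAMPERED, algorithm)),
        }
    return results


if __name__ == "__main__":
    for algorithm, r in demo().items():
        print(algorithm, r)
```

The check detects the altered record with either algorithm, but only because the saved digest was not under the attacker's control; if the digest is stored next to the data with the same permissions, the attacker simply recomputes it.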
Note: Recent cryptanalytic work has discovered a collision in MD2's internal
compression function, and there is some chance that the attack on MD2 may
be extended to the full hash function. The same attack applies to MD. Another
attack has been applied to the compression function of MD5, though this has
yet to be extended to the full MD5. RSA Security recommends that before you
use MD, MD2, or MD5, you should consult the RSA Laboratories Web site at
http://www.rsasecurity.com/rsalabs to be sure that their use is consistent
with the latest information. One bulletin that discusses this issue is Recent
Results for MD2, MD4, and MD5; it can be found at
http://www.rsasecurity.com/rsalabs/bulletins/. (Since this guide was written,
practical collisions have been published for the full MD5 (2004) and for SHA1
(2017); neither should be relied on where collision resistance matters.)
Message Digests and Pseudo-Random Numbers
Random number generation (for software implementation, usually pseudo-random
number generation) is a key component of cryptographic operations. Random
numbers are usually used as cryptographic keys or as a basis for generating keys.
Crypto-C uses message digest algorithms with a random seed for generating random
numbers. Because such a generator is deterministic, its output is no less predictable
than its seed: a seed drawn from a small or guessable space can be recovered by
exhaustive search, and with it every key derived from it. See Pseudo-Random
Numbers and Seed Generation on page 92 for a discussion of the security
considerations of random number generation.
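An added example of a digest-based generator in the spirit described above, written in Python with hashlib; it is not the Crypto-C implementation, and the class, function names and the seeding format are the example's own. Each output block is the digest of the state and a counter, and the state is ratcheted through the digest after every call. The last function shows the seed-entropy problem: a key derived from a 16-bit seed is recovered by trying all 65,536 seeds.

```python
import hashlib
import os
from typing import Optional


class DigestRng:
    """Seeded pseudo-random generator built from a message digest.

    Output block i is H(state, i); after each call the state becomes H(state),
    so an attacker who later captures the state cannot reconstruct earlier output.
    """

    def __init__(self, seed: bytes, algorithm: str = "sha1") -> None:
        self.algorithm = algorithm
        self.state = self._h(b"seed", seed)
        self.counter = 0

    def _h(self, *parts: bytes) -> bytes:
        """Digest of length-prefixed parts, so fields cannot slide into one another."""
        h = hashlib.new(self.algorithm)
        for p in parts:
            h.update(len(p).to_bytes(4, "big") + p)
        return h.digest()

    def add_seed(self, more_seed: bytes) -> None:
        """Mix additional seed material into the state."""
        self.state = self._h(b"reseed", self.state, more_seed)

    def random_bytes(self, n: int) -> bytes:
        """Return n pseudo-random bytes and advance the state."""
        out = bytearray()
        while len(out) < n:
            self.counter += 1
            out += self._h(b"out", self.state, self.counter.to_bytes(8, "big"))
        self.state = self._h(b"ratchet", self.state)
        return bytes(out[:n])


def generate_key(seed: bytes, key_len: int = 16) -> bytes:
    """Derive a key of key_len bytes from the given seed."""
    return DigestRng(seed).random_bytes(key_len)


def recover_key_seed(key: bytes, seed_bits: int = 16) -> Optional[int]:
    """Brute-force the seed of a key that was generated from only seed_bits bits.

    The generator is deterministic, so a small seed space is searched quickly;
    this is why the seed must carry enough entropy in the first place.
    """
    seed_len = (seed_bits + 7) // 8
    for candidate in range(1 << seed_bits):
        if generate_key(candidate.to_bytes(seed_len, "big"), len(key)) == key:
            return candidate
    return None


if __name__ == "__main__":
    weak_key = generate_key((12345).to_bytes(2, "big"))
    print("weak seed recovered:", recover_key_seed(weak_key))
    # A seed from the operating system's entropy source is not searchable this way.
    print("key from os.urandom seed:", generate_key(os.urandom(32)).hex())
```

The search over 2^16 seeds finishes in well under a second; a 32-byte seed from os.urandom puts the same search far out of reach, which is the whole difference between a usable key and a guessable one.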