Use cryptographic hashes for validation

Use cryptographic hashes for validation By Chad Perrin, Special to ZDNet Asia Tuesday, December 23, 2008 11:14 AM   You can use cryptographic hash functions to provide a little more security when exchanging files. A lot of functionality of software that helps us maintain secure computing environments depends on cryptographic hash functions. The idea behind the design of most cryptographic hash functions is to use a block cipher algorithm that, given an input string, produces a different output string that is unique to that input. For instance, if you input the string "Keep it simple!" and get "a" as your output, this is only really useful if no other input string produces "a" as its output. The output of a cryptographic hash function is of fixed length: no matter how long the input string, whether three characters long or three million, the output string will always be the same length. This output should, as already mentioned, be unique to the input so that changing a single character produces a different output string (known as a "hash" or "checksum"). Furthermore, predicting the output hash of a given string should be effectively impossible. These cryptographic hash functions serve myriad purposes. Read more » Recent IT Security TechGuides   Safest way to sanitize input Sanitizing user input is a critical part of secure software development, but software can be made more secure by avoiding having to sanitize input altogether. Tuesday, December 16, 2008 12:43 PM Find more stories in::  Software engineering/development, Data security, Security Management Simple hardware approaches to secure laptops Find out some ways to quickly and easily enhance the security of employees' personal laptops with a limited budget. Tuesday, December 09, 2008 11:45 AM Find more stories in::  Security, Hardware DNS resource records still open to malicious redirection Attacks against DNS cache integrity are an easy way for criminals to redirect your unsuspecting users to malicious sites. Learn more about how DNS works and what exactly DNS cache poisoning is. Tuesday, December 02, 2008 03:18 PM Find more stories in::  LANs and WANs, Network security, Domain names

Latest TechGuides Cluster configuration recovery tools in Server 2008 Use Dovecot for POP3/IMAP services Microsoft embraces open source with jQuery Where is the AutoFormat As You Type feature in Word 2007? Deploy services quickly with prebuilt virtual appliances Whitepapers / Case Studies Understanding Windows Mobile Security TechNet Webcast: Security Deployment Review Tool (Level 200) Laws, regulations and compliance: Top tips for keeping your data under your control Security Threat Report: 2009 TechNet Webcast: Identity Lifecycle Manager "2" (Part 3 of 3): Extensibility and Provisioning With ILM "2" (Level 300) Related IT Security News Check Point to acquire Nokia's security appliance business Firewalls failing to keep generation Facebook in check Securing encrypted traffic in SSL New privacy guidelines for US e-health records Yahoo to anonymize user data after 90 days Blog Central The German rule of order I'm back in Germany for another stopover this week, after catching a quick flight from Vienna, and staying with some...Read more » By The Way - Friday, December 19 2008 04:51 AM Thank God for Pacman The recent year-end list released by search behemoth Google seems to validate a trend that has been proven over time--that...Read more » The Pinoy Post - Wednesday, December 17 2008 09:10 AM