From a initial data, the hash function will generate a hash that will have the following caracteristics
1. The transformation must be irreversible, that is, it shall not be possible from the message digest to reconstruct the original message, even when the algorithm is known.
2. Even a small change in the message shall change the corresponding message digest significantly.
3. It must be virtually impossible to create a message resulting in a given message digest.
A message digest may be used to give some level of message integrity. If the message digest is attached a transmitted message together with an identification of the used hashing algorithm, the receiver can create its own message digest and compare it with the one attached. If different, the message has been changed during the transfer and should be discarded.
Several hashing algorithm have been defined for use in an X.509 environment.
|MD2||This is a hashing algorithm not recommended anymore, as some weaknesses have been identified. It is fully described in RFC 1319.|
|MD5||This hashing algorithm has also shown some weakness. It is fully described in RFC 1321.|
|SHA-1||This hashing algorithm produces a 160-bit hash of the input. It can handle a message of any length less than 264 bits. It is widely used. It is further described in RFC 3174. A sample code in programming language C for generate an SHA-1 is also provided by this RFC. The official specification is given in FIPS 180-3.|
|SHA-224 and SHA-256||These algorithms can handle a message of any length less than 264 bits. The final result of SHA-256 is a 256-bit message digest. The procedure to generate a SHA-224 is almost exactly the same as for SHA-256, but the resulting message digest is truncated to 224 bits.|
|SHA-384 and SHA-512||These algorithms can handle a message of any length less than 2128 bits. The final result of SHA-512 is a 512-bit message digest. The procedure to generate a SHA-384 is almost exactly the same as for SHA-512, but the resulting message digest is truncated to 384 bits.|
|GOST R 34.11-94||developed by “GUBS of Federal Agency Government Communication and Information” and “All-Russian Scientific and Research Institute of Standardization”. The algorithm GOST R 34.11-94 produces a 256-bit hash value of an arbitrary finite bit length input.|