Examples: CRC-32, MD5, SHA3.
Use a checksum when you want to protect data from accidental corruption.
Checksums are deterministic and don’t rely on secrets. An adversary who can make guesses about the kinds of data you send can spoof a checksum. So checksums aren’t useful against adversaries. Trying to use them for security is a famous class of cryptographic mistakes; for instance, it’s why we use SSH2 rather than SSH1.
Examples: HMAC-SHA2, keyed SHA3, Poly1305, GCM’s GHASH construction.
Use a MAC any time you’re protecting
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。