638 IBM WebSphere Host Publisher Version 3.5
Figure 20-7 Message digest secures data integrity
Message digest algorithms, such as MD5 and SHA-1, are used in public-key
cryptography to secure data integrity:
SHA-1: The Secure Hash Algorithm has been adopted as the Federal
Information Processing Standard (FIPS). SHA-1 generates 160-bit
fingerprints. SHA is similar to MD5 but cryptographically stronger (harder to
break) and slower than MD5.
MD5: The Message Digest algorithm (MD5) is a hash algorithm that
generates 128-bit fingerprints. It is slightly faster than SHA-1.
Both MD5 and SHA-1 can be applied to a single character as well as several
megabytes of data. The result is the same number of bits as defined above.
20.1.9 SSL tunneling
SSL tunneling refers to establishing a secure channel through the proxy. The
proxy only knows user authentication, source, and destination. The proxy has no
access to data exchanged between a client and a destination server. Digital
certificates are exchanged directly between a client and a destination server.
SSL tunneling is illustrated in Figure 20-8 on page 639.
Insecure network
Encrypt
input msg + digest
input
message
Message Digest
Algorithm
Message digest algorithm produces fixed length "digital
hash"
Same algorithm used to validate message received
sender's
private key
message
digest
sender's
public key
Decrypt
Compare
digests
Get A Comprehensive Guide to IBM WebSphere Host Publisher Version 3.5 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
