Digest Authentication

Digest authentication mitigates the risk of exposing the username and password by using a one-way cryptographic algorithm (also commonly called a hash or a message digest). These algorithms are called one-way algorithms because they are practically impossible to reverse. Although this might seem like a bold claim, consider that MD5 (Message Digest 5, a popular one-way algorithm) always returns a 128-bit digest, whatever the size of its input. Thus, if you were to create a message digest of the text of this entire book, the digest would still be 128 bits in length. If it were possible to regenerate the text of this entire book from a 128-bit message digest, MD5 would be an amazing compression algorithm!
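The following is an added example, not code from the book: it shows the `response` value a client sends instead of the password, computed as RFC 2617 defines it for `qop=auth`, and checked on the server side. The function names are hypothetical, and the sample values are the ones from the RFC 2617 example exchange.

```python
import hashlib
import hmac


def md5_hex(text: str) -> str:
    """MD5 of a string as 32 hex characters (always 128 bits, any input size)."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri,
                    nonce, nc, cnonce, qop="auth"):
    """Compute the Digest 'response' value (RFC 2617, qop=auth)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # derived from the secret
    ha2 = md5_hex(f"{method}:{uri}")                 # derived from the request
    # The server's nonce and the client's cnonce/nc are mixed in, so the
    # value on the wire differs for every challenge and request count.
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def verify(received: str, **params) -> bool:
    """Server side: recompute the response and compare in constant time."""
    expected = digest_response(**params)
    return hmac.compare_digest(expected, received)


# Sample values from the example exchange in RFC 2617.
SAMPLE = dict(
    username="Mufasa",
    realm="testrealm@host.com",
    password="Circle Of Life",
    method="GET",
    uri="/dir/index.html",
    nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
    nc="00000001",
    cnonce="0a4f113b",
)

if __name__ == "__main__":
    sent = digest_response(**SAMPLE)
    print("response sent by client:", sent)
    print("server accepts:", verify(sent, **SAMPLE))
    wrong = dict(SAMPLE, password="wrong password")
    print("wrong password accepted:", verify(sent, **wrong))
```

Only the 32-character hex digest crosses the network; the password appears in neither the request nor the challenge.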


The fact that a message digest cannot be reversed does ...
