Skip to Main Content
Oracle PL/SQL for DBAs
book

Oracle PL/SQL for DBAs

by Arup Nanda, Steven Feuerstein
October 2005
Intermediate to advanced content levelIntermediate to advanced
454 pages
14h 44m
English
O'Reilly Media, Inc.
Content preview from Oracle PL/SQL for DBAs

Message Authentication Code in Oracle Database 10g

The type of hashing discussed so far in this chapter is a very helpful technique, but it has certain limitations:

  • Anyone can verify the authenticity of transmitted data by using the hash function. In certain types of ultra-secure systems, where only a particular recipient is expected to verify the authenticity of the message or data, this may not be appropriate.

  • Anyone can calculate the same hash value if the algorithm is known, and he can then update the values in the checksum columns, hiding the compromise in the data.

  • For the reason stated in the previous problem, the hash value cannot be stored along with the data in a reliable manner. Anyone with update privileges on the table can update the hash value as well. Similarly, someone can generate the hash value and update the data in transit. For this reason, the hash value cannot accompany the data. It has to travel separately, which adds to the complexity of the system.

These limitations can be overcome by a modified implementation of hashing, one in which the exclusivity of the hashing mechanism at the receiver’s end can be ascertained by a password or key. This special type of hash value is known as a Message Authentication Code (MAC). The sender calculates the MAC value of the data using a predetermined key that is also known to the receiver but not sent with the data. The sender then sends the MAC to the receiver along with the data, not separate from it. After receiving the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Oracle PL/SQL Best Practices

Oracle PL/SQL Best Practices

Steven Feuerstein
Expert Oracle PL/SQL

Expert Oracle PL/SQL

Ron Hardman, Michael McLaughlin
Oracle PL/SQL For Dummies

Oracle PL/SQL For Dummies

Michael Rosenblum, Paul Dorsey

Publisher Resources

ISBN: 0596005873Supplemental ContentErrata Page