A checksum confirming that the information has remained unchanged by computing a hash algorithm with the information after it is received. A hash function is a one-way operation changing any length of information string into a shorter one with a fixed length so that no two strings of information result in the same hash value. The resulting hash value is then compared to the hash value sent with the information. If the two values match, this result suggests that the information has not been changed; therefore, its integrity may be trusted.
In August 2004, researchers reported that they found weaknesses in the prevalently utilized encryption tools thought to be secure, including Message Digest MD5. This is a big worry because MD5 is frequently used with digital signatures and to secure the open source Apache Web server products. It has also been adopted for use in programs such as PGP or SSL and in the only digital signature algorithm accepted by the U.S. government’s Digital Signature Standard. The flaws, warned the researchers, could allow powerful computers to read or potentially alter encrypted documents thought to be secure.
In Brief. Popular Crypto Flawed. The Globe and Mail, August 12, 2004, p. B7; Symantec Security Response. Glossary. [Online, July 15, 2004.] Symantec Security Response Website. http://securityresponse.symantec.com/avcenter/refa.html.