z/OS Cryptographic Services ICSF Overview
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF

Hashing algorithms

z/OS Cryptographic Services ICSF Overview

The use of a hashing algorithm is another means of verifying that data has not been altered during transmission or storage. A hash, or message digest, is calculated with a public, one-way function, rather than with a secret key like a MAC. A hash, therefore, cannot be used to verify the authenticity of a message. Hashes are used in situations where it is impractical to share a secret key. For example, you can use a hash as part of a software delivery process to uncover deliberate or inadvertent modifications to software.

The originator of the data calculates the hash using the data itself and the hashing algorithm. The originator then ensures that the hash is transmitted with integrity to the intended receiver of the data. One way to ensure this is to publish the hash in a reliable source of public information. When the receiver gets the data, an application can generate a hash and compare it to the original one. If the two are equal, the data can be accepted as genuine; if they differ, the data is assumed to be bogus.

You can use the ICSF hashing algorithms to generate modification detection codes (MDCs), support the Public Key Cryptographic Standard (PKCS), and create hashes for digital signatures.

Go to the previous page Go to the next page

Copyright IBM Corporation 1990, 2014