Using modification detection codes and message hashing

When you are sending a message, use either the MDC generate callable service, or the one-way hash generate callable service to generate a message hash. The choice depends on the cryptographic standard you are using.

The MDC is a 128-bit value that is generated by a one-way cryptographic calculation. The originator of the message transmits the MDC with integrity to the intended receiver of the file. For instance, the originator could publish the MDC in a reliable source of public information. The receiver of the message can use an application program and the same callable service to generate another MDC. If the two MDCs are identical, the receiver assumes that the message is genuine. If they differ, the receiver assumes that someone or some event altered the message.

A hash is a message digest that is generated by a one-way cryptographic calculation. ICSF supports these hash algorithms:

MD5 produces a 128-bit hash value
SHA-1 produces a 160-bit hash value
SHA-224 produces a 224-bit hash value
SHA-256 produces a 256-bit hash value
SHA-384 produces a 384-bit hash value
SHA-512 produces a 512-bit hash value
RIPEMD-160 produces a 160-bit hash value

Applications can use the hash value and the originator's private key to generate a digital signature and attach it to the message. The receiver of the message uses the originator's public key to authenticate the digital signature.

Both MACs and hashes can be used similarly to ensure the integrity of data that is stored on the system or on removable media such as tape.