11.1.6 Problems with Digests
Although there are many hash algorithms, only a few are in popular use. If an eavesdropper knows one or more original messages and the corresponding hash codes, the eavesdropper can try these few algorithms and may discover which hash algorithm was used. The eavesdropper may also be able to learn the hash algorithm by other means. Once the algorithm is known, the eavesdropper can replace the original information with fake information, compute a digest for the fake message with the appropriate hash algorithm, and transmit the fake information and the accompanying digest to the receiver. The receiver computes the digest on the fake information and compares it with the digest that came from the eavesdropper. The two are equal because the eavesdropper and the receiver use the same hash algorithm. The receiver thus concludes that the data was not tampered with along the way. However, as we know, this conclusion is wrong. Thus, one must find ways to safeguard against such replacement of the data and its accompanying digest.
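The substitution described above can be reproduced in a few lines. This is an added example, not code from the original text; it goes one step beyond the section by showing a keyed digest (HMAC-SHA-256 with a pre-shared key) as one assumed safeguard, which the section itself does not name. All function names, messages and the key are constructed for illustration.

```python
import hashlib
import hmac

# The "few popularly used" algorithms an eavesdropper would try first.
POPULAR = ("sha1", "sha256", "sha512", "sha3_256")

def identify_algorithm(message: bytes, digest: bytes):
    """With one known message/digest pair, trial hashing names the algorithm."""
    for name in POPULAR:
        if hashlib.new(name, message).digest() == digest:
            return name
    return None

def plain_digest(message: bytes, algorithm: str = "sha256") -> bytes:
    """Unkeyed digest: anyone who knows the algorithm can compute it."""
    return hashlib.new(algorithm, message).digest()

def keyed_tag(key: bytes, message: bytes) -> bytes:
    """Assumed safeguard: HMAC-SHA-256, computable only with the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def receiver_accepts_digest(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(plain_digest(message), digest)

def receiver_accepts_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(keyed_tag(key, message), tag)

def demo() -> dict:
    original = b"Transfer 100 to account 1111"   # constructed sample message
    fake = b"Transfer 900 to account 2222"       # constructed replacement
    key = b"constructed-pre-shared-key"          # known to sender and receiver only

    # The algorithm is recovered from a known message and its digest.
    algorithm = identify_algorithm(original, plain_digest(original))
    # Message and digest are replaced together, as the section describes.
    forged_digest = plain_digest(fake, algorithm)

    return {
        "algorithm_found": algorithm,
        "digest_check_passes_on_fake": receiver_accepts_digest(fake, forged_digest),
        "tag_check_passes_on_fake": receiver_accepts_tag(key, fake, forged_digest),
        "tag_check_passes_on_genuine": receiver_accepts_tag(
            key, original, keyed_tag(key, original)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The plain digest check accepts the replaced message, while the keyed check rejects it because the matching tag cannot be computed without the key.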
