A slightly longer series of articles "Keeping Your Secrets Secret" will examine practical examples in greater detail and provides useful tips and advice. Of course, these will continue with the theme of making crypto and computer security easily understood.

One-Way Hash

Also known as a one-way function, a message digest, a fingerprint or a checksum, the algorithm creates a fixed-length output that cannot be reversed. One-way hashes provide checksums to validate files, create digital certificates and played a central part in many authentication schemes.

Let us consider this example. For ages, the Chinese have a fortune-telling method that relies on "Ba Ji" (eight characters) which uses the time, day, month and year of birth according to their calendar. There are sixty possibilities (almost equal to 6 bits) for each of the four variables. Since the Chinese use two characters for each variable, the result is always eight characters. This is an example of a nonsecure 24-bit one-way hash.

Obviously, this way of producing a one-way hash is not acceptable for security purposes because of the huge number of collisions (different inputs producing the same output).

The most commonly used hashes are SHA-1 (Secure Hash Algorithm uses 160 bits) and MD5 (Message Digest uses 128 bits). In August 2005, a team of cryptographers led by Xiaoyun Wang of Shandong University, China, presented a paper that found faster ways of finding collisions than the usual brute force method. These exploits (vulnerabilities) may make digital certificates forgery a reality.

The implications to e-commerce may be widespread not to mention the millions of websites which used MD5 to hash the users