00:01
In this question, let's discuss about hashdigest.
00:07
So let's say this is a sender and this is a receiver.
00:15
So appending hashdigest to each message before transmission also known as message authentication code.
00:25
Thus provide a form of data integrity, it's not alone.
00:30
So when this data packet is travelled through this line and reach a receiver, a hashdigest is attached to it, maintain this data integrity.
00:53
But why it is not sufficient? let's see.
01:00
There are a couple of reasons why this method may not provide complete data integrity.
01:06
So one may be replay attacks.
01:17
In this, what attackers can do when the sender sends the packet to the receiver, the attacker can send the same message multiple times.
01:39
Sending these messages multiple times is possible and hashdigest will not change.
02:01
So this is a loophole in this method.
02:05
Second is key management.
02:16
Means the method of appending a hashdigest assumes that the recipient and the sender share a secret key for generating and verifying hash.
02:31
If the key is compromised while travelling, then an attacker could modify the message and recalculate the hashdigest using the same key, making it appear as if the same message is intact and sends from the same sender.
03:04
So attacker can access this key, change the message and back it again.
03:15
So they maintain the data integrity.
03:21
These attacks can cause it harm.
03:26
So to provide comprehensive data integrity, what jim can implement a method called digital signatures.
03:41
So what happens in digital signatures? let's see.
03:59
So let's say this is a sender...