What is SHA-2's role in internet security?
I'm doing some light and fun reading and I'd lik开发者_JAVA百科e to get some clarification, please.
I know that SSL uses public-key cryptography and is the backbone behind the HTTPS connection. The encryption used in SSL can be AES-128, 256, or whatever. What part of the secure connection does SHA play in security? If the connection is secured, and encrypted with AES, where does SHA come into play?
SHA is a hash function.
Hash functions have nothing to do with encryption. They are used in digital signing and message integrity.
For example in certificates, there is the public key but there is also the hash to ensure that the certificate has not been altered
Beside their use in certificates mentioned by another poster, in SSL/TLS cryptographic hashs are used to contruct Message Authentication Code (MAC) using the HMAC construction. This is to ensure that the stream is not modified by an attacker, and to reject PDUs that are.
精彩评论