Out of curiosity, what prevents someone from intercepting this message, changing it and replacing it with their own SHA-1 hash?
-- "My mom says I'm cool." ----- Original Message ----- From: "Cheryl Goh" <[EMAIL PROTECTED]> To: "Mario Behring" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, July 09, 2002 9:51 PM Subject: Re: 3DES versus SHA-1 > Hello Mario, > > 3DES and SHA-1 are two different encryption algorithms. 3DES is a symmetric > algo and SHA-1 is a hashing algo. > > A typical scenario would be : > > The message is encrypted using 3DES to ensure that even if the message is > intercepted the intruder is unable to view the message. > > SHA-1 is used to create a hash of the message and this hash is sent along > with the message to the receiver. When the recipients receives the message, > he recalculates the hash to see if they both match. If the hash matches then > the message is original and has not been tampered with. > > In short, SHA-1 maintains the integrity of the message and 3DES maintains > the confidentiality of the message. They are both used in tandem. > > Cheryl Goh > Security Consultant, CISSP
