ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Message Digests

Updated on June 3, 2010

Message Digests

A message digest function is an algorithm that converts variable messages to a unique fixed length value. The same input always produces the same output from any particular algorithm. For example, the MD5 algorithm reduces any message to a 128-bit digest.

Good message digest functions have the following properties:

  • Every binary digit, bit, of input message data influences the content of the message digest. Otherwise, some of the input data would not be protected from modification.
  • If any bit of the input message is changed then each bit of the message digest has a probably of being changed of 0.5. This makes it difficult to crack the algorithm.
  • It should be infeasible to find two messages with the same message digest. Otherwise, an attacker could substitute a signed message or someone could repudiate a transaction by claiming to have signed a different message.

Uses of message digests

There are several security uses of message digests. For example:

  • Virus checkers and other forms of security scanner produce digests of the files they are protecting. They periodically calculate the digest for each file. If the digest has changed since the last calculation then there may have been a security breach.
  • Message authentication codes (MAC) are used to seal messages. Messages are transmitted along with their digest, or MAC. On receipt of the message, the receiver recalculates the MAC; if it agrees with the received MAC then the message has not been modified in transit. HMAC is an example MAC it can use one of several digest algorithms to generate a MAC.

Message digests cannot practically be used to reproduce the original message. However, in some cases the digest can be used to represent the original message. For example:

  • Digital signatures are calculated using message digest rather than the original message. This has performance benefit, it requires far less processing power to produce a message digest and then sign it than sign the original large message.
  • Authentication data such as passwords and challenge data can be transmitted as message digests.

    For example, the RADIUS protocol is used to authenticate users of networks. A RADIUS client collects authentication data, combines it with a shared secret, produces an MD5 digest and transmits it to a RADIUS server. The RADIUS server uses the same algorithm on its stored version of the authentication data. If the two digests match then authentication succeeds.

Message Digest Algorithms

Several message digest functions have been standardised. The following are the most important:

  • MDn
    Ronald Rivest has specified a number of message algorithms. All produce a 128-bit digest. Each specifies a stronger algorithm than the earlier specifications, designed to make use of the greater processing power available.
  • SHA1
    This 160-bit digest algorithm was originally developed by the US government; it is now publicly available as an RFC.
    128-bit and 160-bit message digest algorithms developed from an EU project.


  • R. Rivest (1992). The MD5 Message-Digest Algorithm. Network Working Group. RFC 1321.
  • D. Eastlake, P. Jones (2001). US Secure Hash Algorithm 1. Network Working Group. RFC 3174.
  • H. Krawczzyk, M. Bellare, R. Cannetti (1997). HMAC: Keyed Hashing for Message Authentication. Network Working Group. RFC2104.
  • C. Rigney, S. Willens, A. Rubens, W.Simpson (2000). Remote Authentication Dial In User Service (RADIUS). Network Working Group. RFC 2865.
  • H. Dobbertin, A. Bosselaers, B. Preneel (1996). RIPEMD-160 A Strengthened Version of RIPEMD.


This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)