Message Digest in Information security

Last Updated : 12 Jul, 2025

Message Digest is used to ensure the integrity of a message transmitted over an insecure channel (where the content of the message can be changed). It refers to a fixed-size numerical representation (hash value) of a message or data, created by a hash function.

It's a core concept in ensuring data integrity. The message is passed through a Cryptographic hash function. This function creates a compressed image of the message called Digest.

Message Digests Characteristics

  • Purpose: To verify that data has not been altered.
  • Security Use: Common in digital signatures, data integrity checks, and password storage.
  • Generated By: Cryptographic hash functions like MD5, SHA-1, SHA-256.
  • Fixed Output: No matter the size of the input data, the output (digest) is of fixed length.
  • Non-reversible: You cannot retrieve the original data from its message digest (one-way function).
  • Deterministic: The same input will always produce the same output.
  • Collision-resistant: It should be hard to find two different inputs that produce the same digest.

Working of Message Digest

Lets assume, Alice sent a message and digest pair to Bob.

Untitled-Diagram.drawio-1
Working of Massage Digest

This message and digest pair is equivalent to a physical document and fingerprint of a person on that document. Unlike the physical document and the fingerprint, the message and the digest can be sent separately.

Sender Side (Creating the Digital Signature)

  • Compose the Message
    The sender writes or generates the message they want to send.
  • Generate the Message Digest
    The sender uses a cryptographic hash function (e.g., SHA-256) to create a message digest (fixed-length hash) from the original message.
    • Example: Digest = Hash(message)
  • Encrypt the Digest with Private Key
    The sender encrypts the digest using their private key.
    • This encrypted digest is now the digital signature.
    • Example: Digital Signature = Encrypt(Digest, Sender's Private Key)
  • Send the Message and Digital Signature
    The sender sends both the original message and the digital signature to the receiver.

Receiver Side (Verifying Integrity and Authenticity)

  • Receive the Message and Digital Signature
    The receiver gets the original message and the attached digital signature.
  • Compute the Message Digest Locally
    The receiver uses the same hash function to compute a new digest from the received message.
    • Example: Digest' = Hash(received message)
  • Decrypt the Digital Signature
    The receiver decrypts the digital signature using the sender’s public key to recover the original digest.
    • Example: Original Digest = Decrypt(Digital Signature, Sender's Public Key)
  • Compare the Two Digests
    The receiver compares:
    • The locally generated digest (Digest')
    • The decrypted digest from the digital signature (Original Digest)

There are two possibilities that happen:

  • If they match:
    • The message has not been altered (integrity verified).
    • The sender is authenticated (only the true sender has the matching private key) .
  • If they do not match:
    • The message may have been tampered with, or the sender may be fraudulent.

For example : Using SHA-256:

  • Input:

"Hello"

Output Digest (in hex):

185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969

Applications of Message Digest

  • Digital Signatures: Ensures the message is not been tampered .
  • Data Integrity Checks: Verifies files/downloads have not be changed.
  • Password Hashing: Securely stores passwords (usually with salt).

Related GATE Questions:

Comment

Explore