Security: How to Use Cryptographic Hash Algorithms

Hash values (digests) are unique and extremely compact numerical representations of a piece of data. Changing even one character in a source file can result in huge differences in the hash value. Hashes are used to ensure data integrity. For example, by comparing the hash value generated before a message is sent with the hash value generated from the received text, the recipient can determine whether the message has been corrupted. This application demonstrates how to use hash functions for this purpose.

Featured Highlights:

Scenario: The fictitious Northwind Corporation wants to send a highly confidential listing of its products and prices to you for marketing overseas. The data is transmitted over a secure connection, but both parties want additional measures taken to ensure that the listing is not corrupted in transit.

When you run this application, an XML data document of all the Northwind products is created by querying the SQL Server Northwind database and persisting the DataSet to XML. This simulates the sender creating the source document. The contents of this document are then read into a StreamReader and converted to a string to display in a TextBox. This simulates you receiving the transmitted document. 

Additionally, when the Form is loaded an MD5 hash digest is created to use as an original "key" by which you can validate the transmitted XML. Click the Compare! button to compare the hash digest for the products "sent over the wire" (displayed) with the hash digest sent from Northwind. Alter the contents of the TextBox and click Compare! to see the results.

Examples of three different hash types are provided: MD5, SHA1, and SHA384.

Requirements:

This application requires the release version of Visual Studio .NET Professional (or greater) and access to the Northwind database residing in SQL Server or the Microsoft Data Engine (MSDE). To install MSDE, do the following:

1. Open the Start menu, click Programs, click Microsoft .NET Framework SDK, and then click Samples and Quickstart Tutorials.

2. Click "Step 1: Install the .NET Framework Samples Database".

3. Open a command window, and CD to \Samples\Setup This is typically : C:\Program Files\Microsoft Visual Studio .NET\FrameworkSDK\Samples\Setup

4. Type: osql -E -S (local)\NetSDK -i InstNwnd.sql

Running the Sample:

Simply press F5.

See also

Cryptography Overview (MSDN)