Computer Security–Comparisons - 1

Compare Password with Fingerprint Authentication

Password authentication uses “a secret only you know” while fingerprint authentication uses “who you are”, i.e. biometric schemes, to authenticate your identity.

Besides, when the system checks your password, it will give you a binary decision only. However, in fingerprint authentication, the authentication is based on the similarity between the stored template and the user input. False positive and false negative are possible in fingerprint authentication.

Moreover, fingerprint is something you cannot change while password can be changed very frequently.

Fingerprint is also unique for every user while password can be the same for different users.

Fingerprint, unlike the password, can be found everywhere, which is not a secret.

Compare block cipher with stream cipher

Block cipher process the message block by block. Each block goes through multiple rounds of permutation and substitution. It has a complex key scheduling.

Stream cipher processes the message bit by bit/byte by byte. Typically have a (pseudo) random stream key.

Compare the difference when computing MAC to provide message authentication using conventional encryption with hash function.

When using conventional encryption, only sender and receivers share the keys. A nonce should be included to prevent replay attack. Some message structures should be imposed to identify the garbage.

MAC can be computed using a one way hash function and it is appended at the end of the message.

Using hash function is faster than using encryption. It is also cheaper in terms of hardware cost. It will not subject to US export control and be covered by patents.

Compare MD5 with HMAC-MD5.

MD5 is a hash algorithm processes input as 512-bit blocks and generate a 128bits hash code. HMAC-MD5 is MAC derived from a cryptographic hash codes. It uses MD5 in generating the digest from a secure key and the message. It is more secure than MD5.


發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *