Certain encryption algorithms are designed to operate on streams of data. They take the data a character at a time, and output encrypted data at the same rate. Block-encryption algorithms, on the other hand, are designed to encrypt chunks or blocks of data all together. Generally, block encryption is viewed as being somewhat more secure. When this type of algorithm is used, the final block of data will rarely fill the entire block, so padding bytes are usually added to the final block.
Many encryption algorithms generate a residual, or hash, value that is continually combined with the current data, producing a new hash, which is again combined with the current hash. A hash value of a certain number of bits is generated by applying some encryption-like algorithm to the data, so that the resulting hash value will be different if even one bit of the source data is lost or tampered with. Obviously, the longer the hash value, the lower the odds are of a hash value equaling another hash value produced from a tampered-with file.
Hashing can be used either by itself or along with encryption. In either case, it provides a value that can be used for digital signing and for error- and tamper-proofing a chunk of data.
NOTE
Virus checkers frequently use a form of hashing on executable files, to determine whether the file has been tampered with. Java code, ActiveX controls, and other software downloaded from the Internet may be subject to similar verification techniques.
Hashing is also used to help ensure that repetitious data does not result in an encryption process producing identical blocks of encrypted data. You do not want repetition to show up in the encrypted data, because this can provide enough information to a hacker to completely recover your encryption key. In fact, because of this, some algorithms also allow you to “seed” the hash algorithm periodically by supplying additional random bits, which are incorporated into the encryption algorithm to further scramble the output. Salt values, or salt bits, as they are called, can be thought of as additional key information, which, like a key, must also be available for successful decrypting.