Hash and protecting data in transit


I came across the below suggestion on AWS docs regarding protecting request data in transit:

https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html

Protect data in transit

To prevent tampering with a request while it's in transit, some of the request elements are used to calculate a hash (digest) of the request, and the resulting hash value is included as part of the request. When an AWS service receives the request, it uses the same information to calculate a hash and matches it against the hash value in your request. If the values don't match, AWS denies the request.

Just wondering, is it not possible for the tamperer to recalculate the hash from the changed values and replace the original hash with the new one, so that the server is not able to see any problem with the request?

Is the hash generated using a secret key? And would the tamperer then not be able to create the new hash properly?

I am sure I am missing something here. Could someone please help?


There are 2 answers

chrylis -cautiouslyoptimistic-

Is the hash generated using a secret key?

Yes, the "hash" referred to here is actually an HMAC, and creating it requires your AWS secret access key.

leonardkraemer

Those signatures are composed of a cryptographic hash and a secret cryptographic key; see, for example, https://en.wikipedia.org/wiki/HMAC. That is why you can't tamper with the data and re-hash.
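To make the difference between an unkeyed digest and a keyed HMAC concrete, here is an added example (not from the question, the answers, or AWS's own SigV4 code). It uses a deliberately simplified canonical request and a constructed secret; real SigV4 derives per-request signing keys and covers more headers, but the point is the same: a receiver checking a plain hash accepts a modified request whose hash was recomputed, while a receiver checking an HMAC rejects it because the party modifying the request lacks the key.

```python
import hashlib
import hmac

# Constructed shared secret known only to the legitimate client and the server.
# Not a real credential; AWS SigV4 derives signing keys from the secret access key.
SECRET_KEY = b"constructed-example-secret-not-a-real-key"

def canonical_request(method: str, path: str, body: str) -> bytes:
    """Join the request elements covered by the digest/signature (simplified)."""
    return f"{method}\n{path}\n{body}".encode()

def plain_digest(method: str, path: str, body: str) -> str:
    """Unkeyed SHA-256: anyone holding the request can recompute it."""
    return hashlib.sha256(canonical_request(method, path, body)).hexdigest()

def sign(method: str, path: str, body: str, key: bytes = SECRET_KEY) -> str:
    """Keyed HMAC-SHA256: recomputing it requires the secret key."""
    return hmac.new(key, canonical_request(method, path, body), hashlib.sha256).hexdigest()

def server_accepts_digest(method, path, body, digest: str) -> bool:
    """Receiver that only checks an unkeyed hash (the scheme the question worries about)."""
    return hmac.compare_digest(plain_digest(method, path, body), digest)

def server_accepts_signature(method, path, body, signature: str, key: bytes = SECRET_KEY) -> bool:
    """Receiver that checks the HMAC with its copy of the secret (what AWS actually does)."""
    return hmac.compare_digest(sign(method, path, body, key), signature)

def tampering_demo() -> tuple:
    """Client sends a request; a party without the key modifies the body in transit."""
    method, path, body = "PUT", "/example-bucket/report.txt", "amount=100"
    signature = sign(method, path, body)
    modified_body = "amount=100000"

    # Unkeyed digest: the modifier recomputes SHA-256 over the new body and is accepted.
    hash_only_accepted = server_accepts_digest(method, path, modified_body,
                                               plain_digest(method, path, modified_body))
    # HMAC: reusing the original signature fails because the covered bytes changed,
    # and recomputing with a guessed key fails because the server uses SECRET_KEY.
    reused_sig_accepted = server_accepts_signature(method, path, modified_body, signature)
    guessed_key_sig = sign(method, path, modified_body, key=b"wrong-key-guess")
    guessed_sig_accepted = server_accepts_signature(method, path, modified_body, guessed_key_sig)
    return hash_only_accepted, reused_sig_accepted, guessed_sig_accepted

if __name__ == "__main__":
    print(tampering_demo())  # (True, False, False)
```

An unmodified request still verifies under both checks; only the HMAC check also detects the modification, and `hmac.compare_digest` keeps the comparison constant-time on the server side.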