Thursday, February 5, 2009

Digital Signature

We said that security provides four services in relation to a single message: privacy, authentication, integrity, and nonrepudiation.
We have already discussed privacy. The other three can be achieved by using what is called a digital signature.
The idea is similar to the signing of a document. When we send a document electronically, we can also sign it.
We have two choices: We can sign the entire document, or we can sign a digest (condensed version) of the document.
Signing the Whole Document
Public-key encryption can be used to sign a document. However, the roles of the public and private keys are different here.
The sender uses her private key to encrypt (sign) the message just as a person uses her signature to sign a paper document.
The receiver, on the other hand, uses the public key of the sender to decrypt the message just as a person verifies from memory another person's signature.
Signing the Digest
We said before that public-key encryption is efficient if the message is short. Using public-key encryption to sign the entire message is very inefficient if the message is very long.
The solution is to let the sender sign a digest of the document instead of the whole document.
The sender creates a miniature version, or digest, of the document and signs it; the receiver then checks the signature on the miniature.
To create a digest of the message, we use a hash function. The hash function creates a fixed-size digest from a variable-length message.

1 comment:

Unknown said...

The idea behind digital signatures seems very impressive to me. In recent times it has gained a lot of popularity and everyone is making use of this technique to secure information.