23-06-2012, 12:40 PM
DIGITAL SIGNATURE
[attachment=25218]
A digital signature is an electronic signature that can be used
to authenticate the identity of the sender of a message or the
signer of a document, and possibly to ensure that the original
content of the message or document that has been sent is
unchanged.
A digital signature scheme typically consists of three
algorithms:
* A key generation algorithm that selects a private key
uniformly at random from a set of possible private keys.
The algorithm outputs the private key and a corresponding
public key.
* A signing algorithm that, given a message and a private
key, produces a signature.
* A signature verifying algorithm that, given a message,
public key and a signature, either accepts or rejects the
message's claim to authenticity.
Two main properties are required:
1. a signature generated from a fixed message and fixed private
key should verify the authenticity of that message by using the
corresponding public key.
2. it should be computationally infeasible to generate a valid
signature for a party who does not possess the private key.
HOW DIGITAL SIGNATURE WORKS:
There are two processes in digital signatures:
1. signing process - In this process, data is converted
into hash by using hash function then this hash is
encrypted by using signer's private key and then this is
attached to the data and send.
2. verification - In this process, digital signature are
verified. first, digitally signed data is split into data
and signature. then data is converted into hash and
simultaneously signature isdecrypted using signer's public
key. if both hash are same then the digital signatures are
verified.
Integrity
In many scenarios, the sender and receiver of a message may have
a need for confidence that the message has not been altered
during transmission.
Although encryption hides the contents of a message, it may be
possible to change an encrypted message without understanding it.
However, if a message is digitally signed, any change in the
message after signature will invalidate the signature.
Furthermore, there is no efficient way to modify a message and
its signature to produce a new message with a valid signature,
because this is still considered to be computationally infeasible
by most cryptographic hash functions.
Non-repudiation
Non-repudiation, or more specifically non-repudiation of origin,
is an important aspect of digital signatures.
By this property an entity that has signed some information
cannot at a later time deny having signed it.
Similarly, access to the public key only does not enable a
fraudulent party to fake a valid signature.
This is in contrast to symmetric systems, where both sender and
receiver share the same secret key,
and thus in a dispute a third party cannot determine which entity
was the true source of the information.
[attachment=25218]
A digital signature is an electronic signature that can be used
to authenticate the identity of the sender of a message or the
signer of a document, and possibly to ensure that the original
content of the message or document that has been sent is
unchanged.
A digital signature scheme typically consists of three
algorithms:
* A key generation algorithm that selects a private key
uniformly at random from a set of possible private keys.
The algorithm outputs the private key and a corresponding
public key.
* A signing algorithm that, given a message and a private
key, produces a signature.
* A signature verifying algorithm that, given a message,
public key and a signature, either accepts or rejects the
message's claim to authenticity.
Two main properties are required:
1. a signature generated from a fixed message and fixed private
key should verify the authenticity of that message by using the
corresponding public key.
2. it should be computationally infeasible to generate a valid
signature for a party who does not possess the private key.
HOW DIGITAL SIGNATURE WORKS:
There are two processes in digital signatures:
1. signing process - In this process, data is converted
into hash by using hash function then this hash is
encrypted by using signer's private key and then this is
attached to the data and send.
2. verification - In this process, digital signature are
verified. first, digitally signed data is split into data
and signature. then data is converted into hash and
simultaneously signature isdecrypted using signer's public
key. if both hash are same then the digital signatures are
verified.
Integrity
In many scenarios, the sender and receiver of a message may have
a need for confidence that the message has not been altered
during transmission.
Although encryption hides the contents of a message, it may be
possible to change an encrypted message without understanding it.
However, if a message is digitally signed, any change in the
message after signature will invalidate the signature.
Furthermore, there is no efficient way to modify a message and
its signature to produce a new message with a valid signature,
because this is still considered to be computationally infeasible
by most cryptographic hash functions.
Non-repudiation
Non-repudiation, or more specifically non-repudiation of origin,
is an important aspect of digital signatures.
By this property an entity that has signed some information
cannot at a later time deny having signed it.
Similarly, access to the public key only does not enable a
fraudulent party to fake a valid signature.
This is in contrast to symmetric systems, where both sender and
receiver share the same secret key,
and thus in a dispute a third party cannot determine which entity
was the true source of the information.