Working with RSA Digital Signatures

Modern digital signatures rely on more than public-key operations. They actually combine a hash function with a public-key algorithm to create a more secure signature, as shown in Figure 14-4.

Figure 14-4 RSA Digital Signature Process

Let's examine the steps involved in the signature process:

Step 1 To uniquely identify the document and its contents, the signer makes a hash or fingerprint of the document.

Step 2 The signer's private key is used to encrypt the hash.

Step 3 The signature (the encrypted hash) is appended to the document.

Continuing the process, the following steps outline verification:

Step 4 The verifier obtains the signer's public key.

Step 5 The signer's public key is used to decrypt the signature. This step reveals the signer's assumed hash value.

Step 6 The verifier makes a hash of the received document, without its signature. This is compared to the decrypted signature hash. If the two hashes match, the document is thought to be authentic. In other words, it was signed by the assumed signer, and it has not been altered since it was signed.

In the exchange just depicted, you can see how both the authenticity and integrity of the message are ensured, even though the actual text is public. To ensure that the message remains private and that it has not been altered, both encryption and digital signatures are required.
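Steps 1 through 6 can be traced in a short script. This is an added example, not code from the original text; the key is a constructed toy built from two publicly known primes, SHA-256 is an assumed choice of hash, and the function names are hypothetical. Production RSA signatures also pad the hash (PKCS#1 v1.5 or PSS) before the private-key operation, which this sketch omits.

```python
import hashlib

# Constructed toy key built from two publicly known Mersenne primes: insecure by design.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent
SIG_LEN = (N.bit_length() + 7) // 8  # fixed signature size in bytes

def digest(document: bytes) -> int:
    """Steps 1 and 6: fingerprint the document (SHA-256 chosen for this example)."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign_document(document: bytes) -> bytes:
    """Steps 2 and 3: transform the hash with the private key, append the result."""
    signature = pow(digest(document), D, N)
    return document + signature.to_bytes(SIG_LEN, "big")

def verify_document(signed: bytes) -> bool:
    """Steps 5 and 6: recover the signer's hash with the public key and compare."""
    if len(signed) < SIG_LEN:
        return False
    document, sig_bytes = signed[:-SIG_LEN], signed[-SIG_LEN:]
    signature = int.from_bytes(sig_bytes, "big")
    if signature >= N:               # not a valid RSA value for this key
        return False
    return pow(signature, E, N) == digest(document)

def demo():
    signed = sign_document(b"Pay Alice 100 USD")
    altered_text = signed.replace(b"100", b"900", 1)     # document changed
    altered_sig = signed[:-1] + bytes([signed[-1] ^ 1])  # signature changed
    return (verify_document(signed),
            verify_document(altered_text),
            verify_document(altered_sig))

if __name__ == "__main__":
    print(demo())
```

The document travels in the clear in all three cases; only the unmodified document paired with its original signature verifies.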
