Scribd
Upload
49 views

Digital Signature, Hash Functions

Digital signatures allow people to authenticate the source of messages and documents. They work by having the sender encrypt a hash of the message's content using their private key, producing a digital signature. The recipient can then decrypt the signature using the sender's public key and compare it to a fresh hash of the received message to verify it has not been altered. Public key cryptography is well-suited for digital signatures since only the sender's private key can produce a valid signature, proving authenticity. Common hashing algorithms like MD5 and SHA are used to generate the hash or "digital fingerprint" of a message before it is signed.

Uploaded by

Harpreet Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
49 views

Digital Signature, Hash Functions

Digital signatures allow people to authenticate the source of messages and documents. They work by having the sender encrypt a hash of the message's content using their private key, producing a digital signature. The recipient can then decrypt the signature using the sender's public key and compare it to a fresh hash of the received message to verify it has not been altered. Public key cryptography is well-suited for digital signatures since only the sender's private key can produce a valid signature, proving authenticity. Common hashing algorithms like MD5 and SHA are used to generate the hash or "digital fingerprint" of a message before it is signed.

Uploaded by

Harpreet Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 9

Module 7.

4
Digital Signature, Hash Functions
Digital Signatures
A digital signature is a protocol the produces the same
effect as a real signature.
It is a mark that only sender can make
Other people can easily recognize it as belonging to the
sender.
Digital signatures must be:
Unforgeable: If P signs message M with signature S(P,M), it is
impossible for someone else to produce the pair [M, S(P,M)].
Authentic: R receiving the pair [M, S(P,M)] can check that the
signature is really from P.
2
Digital Signatures:
Symmetric Key
Under private key encryption system,
the secrecy of the key guarantees
the authenticity of the message as
well as its secrecy.
It does not prevent forgery, however.
There is no protection against
repudiation (denial of sending a
message).
An arbitrator (a trusted third party) is
needed to prevent forgery.
3
Digital Signatures - Public Key
Public key encryption systems are ideally suited to digital
signatures.
Reverse of public key encryption/decryption.
To sign a message, use your private key to encrypt the message.
Send this signature together with the message.
The receiver can verify the signature using your public key.
Only you could have signed the message since your private key
belongs to you and only you.
The receiver saves the message and signature and anyone else
can verify should you claim forgery.

4
Digital Signature Process

5
Message Digest
How to assure integrity
Alice makes a message digest from a plaintext message.
Alice signs the message digest and sends the signed
digest and plaintext to Bob
Bob re-computes the message digest from the plaintext.
Bob decrypts the signed digest with Alices public key.
Bob verifies that message is authentic if the message
digest he computed is identical to the decrypted digest
signed by Alice.

6
Possible Scenarios
Message
Plaintext, can be altered
Message, E(Message-digest, pub-key)
Plaintext, encrypted msg digest
E(message,sym-key), E(message-digest,pub-key)
Cipher-text, encrypted msg digest

7
Cryptographic Hash Functions
Hash functions are used in creating digital fingerprint of
a large message.
Requirements of such hash functions are:
easy to compute (i.e., reduce a message of variable size to a
small digest of fixed size)
one-way, that is, hard to invert
collision-free (the probability that a randomly chosen message
maps to an n-bit hash should ideally be **n)
To sign a message, first apply a hash function to create a
message digest, encrypt the digest using private key and
send it along with the message.
8
Uses for Hashing Algorithms
Hash functions without secret keys are used:
To condense a message for digital signature.
To check the integrity of an input if the hash has been previously
recorded.
Such functions are called Modification Detection Codes
(MDCs).
Hash functions that use secret keys are called Message
Authentication Codes (MACs).
They are used for data origin authentication.
MD5, SHA, SHA-2, SHA-3, SHA-256 etc.
9

You might also like