Cryptography Overview

1.Alice and Bob compose a contract in digital format. The file can be in any form, such as a word processing file or an ASCII file.

2.Each party digests the file and encrypts the digest with their private key.

3.That encrypted digest is their digital signature.

4.The contract now consists of the file and the two copies of the encrypted digest, one using Alice’s private key, the other using Bob’s private key. Everyone gets copies of this contract.

The digital signature can be used to verify the data at a later time. Suppose that Bob produces a file that is different from Alice’s. To discover which copy has been altered:

1.Digest the new copy.

2.Decrypt each party’s encrypted digest with the corresponding public key.

3.Compare the new digest to the old one.

4.If one of the new digests does not match the old one, that is the altered file.

If a file has been altered, it will produce a different digest, because it is virtually impossible to produce data that will digest to a given value. Even if someone could manipulate the digest, it would be extremely difficult to produce data that has value to anyone.

The digital signature can also be used to verify that a message came from a given person. What if Bob claims Alice forged his digital signature on the original document? He might say her copy of his encrypted digest is not the true version. However, the digest was encrypted using Bob’s private key, to which only Bob has access. Therefore, it is unlikely that Alice forged Bob’s signature.

The following example shows how to verify a message and its signature. Suppose you have the following information:

A message

An entity who claims to have sent the message

A block of data 96 bytes long that purports to be the encrypted digest

To verify the message and the sender:

1.Request the possible sender’s 768-bit (96-byte) RSA public key from a certification authority.

2.Use that public key to decrypt the 96-byte block of data.

3.If the decryption process results in a 16-byte output, you can say it is a message digest. There is a message that will digest to those 16 bytes, but you do not yet know what it is.

5 8

R S A B S A F E C r y p t o - C D e v e l o p e r ’s G u i d e

Page 79 Page 81
Page 80
Image 80
RSA Security 5.2.2 manual Cryptography Overview
Page 79 Page 81
Top Page Image Contents