Cryptography Overview

4. Digest the message file.

5. If the digest matches the 16 bytes you obtained from decrypting the original 96-byte block, the message is verified. That is, you can assume the 96-byte block is the file’s digest encrypted with the RSA private key associated with the public key you used. It would have been computationally infeasible to produce that 96-byte block any other way.

There are other uses for a digital signature. Suppose that Bob wishes to buy something from Alice over the Internet. He e-mails her a credit card number. Alice can easily find out from the credit card issuer that the number she received is valid and indeed belongs to Bob. But how does she know that it was Bob who sent the number and not someone posing as Bob? She sends the purchaser a randomly generated message and asks him to digitally sign it with his private key. She then retrieves his public key from a certification authority and verifies the signature. Only the person with access to Bob’s private key will be able to generate a digital signature from the message she generated in such a way that Bob’s public key will verify it properly. In this way, Alice authenticates Bob’s identity.
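Added example (not from the manual or from RSA's library): steps 4 and 5 and the challenge-response exchange described above, written as textbook RSA in pure Python. Assumptions: MD5 stands in for the 16-byte digest, a 768-bit modulus gives the 96-byte block, the padding is a simplified PKCS #1 type-1 layout without the DigestInfo prefix, and all function names are illustrative.

```python
import hashlib, hmac, secrets

E, K = 65537, 96          # public exponent; modulus length in bytes (768 bits)

def is_prime(n, rounds=24):
    """Miller-Rabin test; n is an odd candidate of several hundred bits."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        p = secrets.randbits(bits) | (3 << (bits - 2)) | 1  # top two bits set, odd
        if p % E != 1 and is_prime(p):                      # keeps gcd(E, p-1) == 1
            return p

def gen_key():
    p, q = gen_prime(K * 4), gen_prime(K * 4)               # two 384-bit primes
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))       # (public, private)

def encode(message):
    digest = hashlib.md5(message).digest()                  # 16-byte digest (assumed MD5)
    return b"\x00\x01" + b"\xff" * (K - 3 - len(digest)) + b"\x00" + digest

def sign(private, message):
    n, d = private
    return pow(int.from_bytes(encode(message), "big"), d, n).to_bytes(K, "big")

def verify(public, message, signature):
    n, e = public
    s = int.from_bytes(signature, "big")
    if len(signature) != K or s >= n:
        return False
    block = pow(s, e, n).to_bytes(K, "big")                 # "decrypt" with the public key
    return hmac.compare_digest(block, encode(message))      # compare the whole block

if __name__ == "__main__":
    bob_pub, bob_priv = gen_key()
    challenge = secrets.token_bytes(32)                     # Alice's random message
    print("Bob accepted:", verify(bob_pub, challenge, sign(bob_priv, challenge)))
    print("old signature on a fresh challenge accepted:",
          verify(bob_pub, secrets.token_bytes(32), sign(bob_priv, challenge)))
```

Rebuilding the expected 96-byte block and comparing all of it, rather than only the trailing 16 bytes, also rejects blocks whose padding is malformed. Because Alice picks a fresh random message each time, a signature captured from an earlier exchange does not verify against a new challenge.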

 

 

[Figure 3-11: RSA Digital Signature. Signature Operation: Original Message, Message Digest, RSA Private Encryption with the Private Key, Signature. Verification Operation: Original Message, Message Digest; Signature, RSA Public Decryption with the Public Key; EQUAL? YES: Signature Valid, NO: Signature Not Valid.]

Chapter 3 Cryptography
