Cryptography Overview

a= gu1 mod p

b= yu2 mod p

v = (a · b mod p) mod q

3.If v = r, the signature is verified. If v r, the signature is invalid.

The Math

To see that this is indeed the signature, consider the following. We have the values:

y = gx mod p

and

u2 = r · sinv mod q

Make the following algebraic substitutions:

a · b mod p = gu1 · gx·u2 mod p

=gu1 + x·u2 mod p

=gdigest·sinv + x·r·sinv mod p

=gsinv(digest + x·r) mod p

=gk mod p

Recall that:

r= (gk mod p) mod q

This means that:

v = (a · b mod p) mod q

=(gk mod p) mod q

=r

Digital Certificates

Suppose you own an RSA public/private key pair. You must make your public key public so that others can use it to verify your digital signature or to encrypt session keys when creating an RSA envelope. How do you publicize your key?

Probably the best way is to register public keys with a trusted authority. Then, this trusted authority can certify that a particular public key belongs to a particular entity. Currently, such a public key registration infrastructure exists in the form of digital certificates.

C h a p t e r 3 C r y p t o g r a p h y

6 1

Page 83
Image 83
RSA Security 5.2.2 manual Digital Certificates, Math