Graphic explanation: What is a digital signature? graphic explanation: Digital Signature

Source: Internet
Author: User

Graphic explanation: What is a digital signature? graphic explanation: Digital Signature
Graphic explanation: what is Digital Signature introduction By David Youd
Preface

Recently, When I browsed articles related to SSL protocol encryption on the Internet, I became more confused about "Digital Signature. Search for "What is digital signature" and find this early article:

Http://www.youdzone.com/signature.html. It was very early, but it was intriguing. On the web page, I also found the relevant translation: http://www.ruanyifeng.com/blog/2011/08/what_is_a_digital_signature.html. After reading this article, I thought that this translation is actually just an explanation of the meaning, and even the "story" has changed a lot. So I started my own work, so I had this article ..


Bob has two keys, one known as the public key, and the other known as the private key.

Bob's public key can be obtained by anyone who needs it, but his private key is retained by himself. A key (Public Key and private key) is used to encrypt information. The process of encrypting information means "obfuscation", so that only people with the right key can make it readable again. One of Bob's two keys is used to encrypt the data, and the other is used to decrypt the data.

Susan (as shown below) uses Bob's public key to encrypt a piece of information and sends it to Bob. Bob uses the private key to decrypt the information and read it. Bob's colleagues may be able to obtain the information that Susan has encrypted, but without Bob's private key, the data is useless.

With his private key and appropriate software, Bob places digital signatures in documents and some data. This digital signature is put into the data by Bob and is the unique "identifier" for Bob, which is very difficult to fabricate. In addition, this signature can be found when any data changes.
When signing a document, Bob's software will compress the data into just a few lines. This process is called "HASH Verification", and several lines are called information summaries. (It is impossible to directly restore the Information summary to the original data information)

Then Bob's software uses his private key to encrypt the abstract information. The result is a digital signature.

Finally, Bob's software put the digital signature and information document together. All data has been identified.


Now Bob passed the document to Pat.



Plot tangle ing... (tragedy, no story ...)


As a coincidence, Suan works at the company's CA center (certificate authentication). Susan can sign Bob's public key together with some of his information and simply create a digital certificate for Bob.

Now Bob's colleagues can check Bob's trusted certificate to ensure that their public key is indeed Bob's. In fact, no one in Bob will accept the signature without Susan generating the certificate. This gives Susan the right to revoke the digital certificate from which the private key is leaked, which is almost impossible. Susan's CA certificate verification is widely accepted.
Let's talk about Bob sending the signed document to Pat. To verify the digital signature on the document, Pat first uses the software to use the Susan (CA) Public Key to detect the certificate on the Bob document. If the certificate is successfully unlocked, it is generated by Susan. After the certificate is unbound, Pat can contact the CA center to compare the information on the Bob certificate to check whether the document has been modified.
Pat then obtains Bob's public key from the certificate and uses it to detect Bob's signature. If Bob's public key can successfully unbind the signature, Pat can determine that the signature is generated using Bob's private key and matches the certificate public key issued by Susan. In addition, if the signature is a comparison, it also means that Doug cannot modify the document content.
Although these steps seem a headache, they look like Pat-related user-friendly software scenarios. To verify the signature information, Pat only needs to click:

(Figure shows the ID of the verification digital certificate)


Download

URL: http://pan.baidu.com/s/1qWNrSZy password: vsi1


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.