Introduction to digital signatures

The following steps are used to sign a digital signature:1. The sender first has a public/private key pair. The packet to be signed is used as the input of a one-way hash function to generate a fixed-length hash code, it is generally called a message digest. 2. Use the issued private key to encrypt the hash code and generate a signature. Send the text and signature together. Third, the receiving and distributing functions generate a hash code for message operation, and decrypt the signature with the issued public key. Fourth, if the hash code calculated by the recipient is the same as the decryption signature, it indicates that the sender has signed the message and the message has not been tampered with on the way. The specific process 1 is as follows: as described above, digital signatures are divided into two steps: generate a message digest and digital signature. The purpose of the unidirectional hash function is to compress messages of any length into a message digest of a fixed length. The unidirectional hash function is also called a unidirectional hash function. It is not an encryption function. Its basic model is H = f (M). m is the input message body and can be of any length; f is a one-way hashed algorithm/function, and H is the message digest generated, with a fixed length, which is irrelevant to the length of M. A good one-way hashing algorithm F should have the following five features: 1. It can process m with any length (at least any length that can be encountered in practical applications ); 2. The generated message digest H should be unpredictable. H seems to have nothing to do with M. 3. Given m, it should be easy to calculate h; 4. Given H cannot calculate m, or even get any information about M. 5. Given any M1, if you want to find another m2, and M2 is not equal to M1, to make the results of F (M1) and F (m2) as difficult as possible, the calculation is almost impossible. at present, a large number of one-way hash algorithms have been designed in cryptography, such as rabinhash, merklehash, nhash, md2, md4, MD5, and Sha. In practice, common one-way hashing algorithms include message digest algorithm MD5 (Message digest5) and security hash algorithm Sha (Security Hash Algorithm ). as mentioned above, at least two steps should be taken for Digital Signature: (1) The sender uses the unidirectional hash function f to calculate the message body m and generate the hash code H (2) the sender uses its private key to encrypt the hash code H, and sends the encrypted hash code together with the message body. The following two steps are required to verify the Digital Signature: (1) the receiver uses the unidirectional hash function f to compute the received message body m and generates the hash code H2 (2) the receiver uses the sender's public key to decrypt the hash code received. The restored hash code H is used to compare whether the hash code H and hash code H are consistent. If they are consistent, it means that the sender has signed the message, and the message is not tampered with on the way. For details about how to use the RSA algorithm to implement digital signatures in Java, see 《Digital signature using RSA. For details about how to use the DSA algorithm to implement digital signatures in Java, see 《Digital signature using DSA Algorithm. For Java's digital signatures and digital certificates, see 《Digital signatures and digital certificates in Java"