Preliminary Research on Digital Signature and digital certificate

Source: Internet
Author: User
Tags asymmetric encryption

 

Digital Signature

Reference Wiki entry: http://en.wikipedia.org/wiki/Digital_signature


Purpose of Digital Signature
:

A valid digital signature can be used to verify that a digital information (File) is created by a specific sender and is not modified during transmission.
It is often used in software distribution, financial transactions, e-government, and other fields that require information forgery and tampering detection.

Digital signature and electronic signature: digital signature is an implementation method of electronic signature. The meaning of electronic signatures is more extensive. Electronic signatures are legally binding in the United States and EU Member States. China has also introduced the Electronic Signature Law of the People's Republic of China
Therefore, files containing digital signatures are legally valid.
Digital Signature implementation method: asymmetric encryption. Asypolicric Cryptography
The RSA algorithm is commonly used. The digital signature is based on three algorithms:
  1. The algorithm used to generate a pair of private keys and public keys.
  2. Signature signing algorithm: generates a Digital Signature Based on the information (File) and private key to be signed.
  3. Signature Verification Algorithm: provides information, signature, and public key to determine whether the signature is trusted.
There is an RSA library in Haskell, and the corresponding function is: codec. crypto. RSA

Generatekeypair
: Randomgen
G => G-> int
-> (Publickey
,
Privatekey
,
G)
Sign
: Privatekey
-> Bytestring
-> Bytestring
Verify
: Publickey
-> Bytestring
-> Bytestring
-> Bool
However, in actual use, direct use of asymmetric encryption algorithms is slow. Therefore, you can use MD5 or SHA-1 to obtain the signature and then perform encryption and decryption on the file signature. These algorithms have two important features: 1. A signature generated with a specific private key must be verified by the corresponding public key. (This is understandable) 2. It is not feasible to generate a valid digital signature for a person or organization that does not have a specific private key. (To put it bluntly, there is no private key to forge a signature)
Digital Certificate
A digital certificate is issued by an authority. It contains the public key, the name of the certificate holder, and the digital signature file of the Certificate Authority. A digital certificate is issued by a third party, which also has its own digital certificate, known as the "root certificate ".
Example of a digital certificate:
Application of digital signatures in the security field:


A file with a valid digital certificate can generally be trusted as a secure file. For example, how can I determine that a software downloaded from the Internet is not a Trojan? Looking at the digital signature, if it contains the digital signature of a well-known company, it is generally considered safe. (Unless the company doesn't want to mix up, it intentionally adds malicious code or the private key is stolen, but this situation is too rare)


But are all Digitally Signed files normal and secure? Not necessarily. Some Trojans carry digital signatures! Although the signature is difficult to forge, it is not difficult to apply for a digital signature.


Anti-fake and shoddy digital certificates.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.