Symmetric cryptography for Digital Signature

Today, I will give you a brief introduction to digital signatures using symmetric cryptographic systems.
The public key cryptography system is digitally signed and has never heard of this symmetric cryptography system. But now we
Of course, the most used is digital signature using the public key cryptography system.

Let's talk about the digital signature function first. Digital signatures can solve problems such as denial, forgery, tampering, and impersonation,
Digital signatures can be used to determine the user's identity, such as encrypted letters and vendors.
Business letters, ordering and purchasing systems, remote financial transactions, automatic mode processing, and so on.
 
Digital signatures provide anti-Denial-of-Service in the five major information security services. Data signature is generally not used
Directly sign the data (a lot of data is encrypted, which is actually incorrect, although encryption and signature are encrypted
Algorithm, but the provided security service is slightly different from the processing), but the sender implements the entire plaintext
Encryption transformation-for example, you can use the MD5 hash algorithm to obtain a hash value and sign the hash value.

Well, after talking about so many preparations, it's time to go to the topic. Here I will explain it in the example, set a: the sender
B: The recipient must, of course, have an organization that both A and B trust. This organization can generate and distribute keys.
In addition, in the case of disputes between the communication parties, the location can be determined, notarized, and can be used as the legal basis.
It works like a referee. Here I set it to ca

Of course, in this signature process, A and B both need to communicate with Ca, so a and B both have to communicate with Ca.
For the moment, we set the secret key to Ka and kb, that is (a, CA, Ka), (B, CA, KB ).

The process is as follows:
1. User A uses its own secret key to encrypt the data packet P to the ciphertext KA (P) and sends it to the trusted ca.

2. ca uses Ka to decrypt the ciphertext KA (p) to obtain the plaintext P, and then creates
The initial plaintext P constitutes a new packet (A, D, P), where the date D is used for future authentication and evidence
Then, encrypt the new message (a, d, p) with a key K that is unknown to anyone to obtain the new password.
K (a, d, p )). And send the ciphertext K (a, d, p) back to the sender

3. Then, sender a sends the ciphertext K (a, d, p) to receiver B. Communication between A and B.

4. The receiver B sends K (a, d, p) to the CA and requests for packet data (of course, this is for B and Ca,
In essence, for other users, the data in this packet is encrypted in KB. The ca uses K (a, d, p ))
The decryption result (A, D, P) is obtained, and KB (a, d, p) is encrypted with KB. Then, it is sent to B.
5. B decrypts the key kb to obtain (a, d, p). This is the plaintext for communication between A and B.

How to defend against the denial process:

If sender a denies that P has been sent to B, B can provide the ciphertext K (a, d, p) to the judge.
The judge asked CA to decrypt the ciphertext K (a, d, p), and then the judge could see the ciphertext (A, D, P ).
Apparently, the judge can be certain that it was sent by A. Because B does not know K, it is impossible to forge the ciphertext K (a, d, p ))
Similarly, if B denies receipt, it can be concluded.

Finally, I would like to give you a few questions to see if you understand this article:

1. How does a ca know that a request needs to communicate with B?
2. If B denies that he has received a message from a, how should the judge make a forensic decision?

This article only briefly introduces the signature using the symmetric password system. If there is anything wrong, please point out, I would be very grateful
My mailbox is anmeihong@sina.com