What is a Digital Signature?

Source: Internet
Author: User

Bob has a public and private key.

Bob's public key is public and can be obtained by anyone. But only Bob has his own private key. Both the public key and the private key can be used to encrypt the information separately, and the encrypted information can be decrypted with the other key accordingly.

For example, when Susan encrypts information with Bob's public key, she sends it to Bob. Bob gets the message, decrypts it with his private key, and obtains Susan's information. Other people, even if they get the information, cannot know the content of the information because there is no private key to Bob.

In another case, if Bob replies to Susan, a digital signature can be generated with the private key, which is placed at the end of the message. The purpose is to identify the information when it is modified.

When doing a data signature, Bob calculates the information with a hash and generates a summary of the information. Hash calculation is irreversible, that is, the information can not get the original information digest.

Bob then encrypts the information digest with the private key and generates a digital signature.

Finally Bob puts the digital signature at the end of the message. Send both the information and the signature to Susan.

After Susan receives the message and the signature, the digital signature is decrypted with the public key to get the message digest. The hash is used to calculate the information to get another message digest. If the two summaries are the same, the information has not been modified.

The complex situation has arisen.

Doug tried to trick Susan into replacing Bob's public key with her own public key, so Doug could impersonate Bob to communicate with Susan.

How do you make sure Bob's public key can't be disguised? A digital certificate appears.

Bob finds a recognized digital certificate authority that authenticates his public key. The certification authority, with its own private key, encrypts Bob's public key, Bob's information, and the certificate information, generating a digital certificate.

After Bob gets the digital certificate, he can replace the previous digital signature with a digital certificate.

After Susan receives Bob's information, it uses the public key of the digital certificate authority to decrypt the digital certificate, so that Bob can get the real public key.

Reference

    • What is a Digital Signature? An introduction to Digital Signatures, by David Youd
    • What is a digital signature?
    • Cryptography Notes
      • Public keys are used to encrypt information, private keys are used for digital signatures

What is a Digital Signature?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.