![]() Non-repudiation − Since it is assumed that only the signer has the knowledge of the signature key, he can only create unique signature on a given data. Hence, receiver can safely deny the message assuming that data integrity has been breached. The hash of modified data and the output provided by the verification algorithm will not match. Message authentication − When the verifier validates the digital signature using public key of a sender, he is assured that signature has been created only by sender who possess the corresponding secret private key and no one else.ĭata Integrity − In case an attacker has access to the data and modifies it, the digital signature verification at receiver end fails. Let us briefly see how this is achieved by the digital signature − Out of all cryptographic primitives, the digital signature using public key cryptography is considered as very important and useful tool to achieve information security.Īpart from ability to provide non-repudiation of message, the digital signature also provides message authentication and data integrity. The hash of the data is a relatively small digest of the data, hence signing a hash is more efficient than signing the entire data. Signing large data through modular exponentiation is computationally expensive and time consuming. As discussed in public key encryption chapter, the encryption/signing process using RSA involves modular exponentiation. Let us assume RSA is used as the signing algorithm. The most important reason of using hash instead of data directly for signing is efficiency of the scheme. Since the hash of data is a unique representation of data, it is sufficient to sign the hash in place of data. It should be noticed that instead of signing data directly by signing algorithm, usually a hash of data is created. Since digital signature is created by ‘private’ key of signer and no one else can have this key the signer cannot repudiate signing the data in future. Based on the comparison result, verifier decides whether the digital signature is valid. Verifier also runs same hash function on received data to generate hash value.įor verification, this hash value and output of verification algorithm are compared. The verification algorithm gives some value as output. ![]() Verifier feeds the digital signature and the verification key into the verification algorithm. Signature is appended to the data and then both are sent to the verifier. Hash value and signature key are then fed to the signature algorithm which produces the digital signature on given hash. Signer feeds data to the hash function and generates hash of data. The private key used for signing is referred to as the signature key and the public key as the verification key. Generally, the key pairs used for encryption/decryption and signing/verifying are different. The following points explain the entire process in detail −Įach person adopting this scheme has a public-private key pair. The model of digital signature scheme is depicted in the following illustration − Model of Digital SignatureĪs mentioned earlier, the digital signature scheme is based on public key cryptography. This requirement is very crucial in business applications, since likelihood of a dispute over exchanged data is very high. In real world, the receiver of message needs assurance that the message belongs to the sender and he should not be able to repudiate the origination of that message. This binding can be independently verified by receiver as well as any third party.ĭigital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer. Similarly, a digital signature is a technique that binds a person/entity to the digital data. ![]() They are used to bind signatory to the message. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. Digital signatures are the public-key primitives of message authentication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |