i am learning the basics.......!

Saturday, December 16, 2006

Usage of Digital signature

I would like to refine the "case example" I mentioned in the previous post.

There are cases where the full privacy of the message is important, so we have to encrypt the whole message.

In some other scenarios the importance will be on several other factors, say:
1. Authentication
2. Non-repudiation
3. Integrity

Authentication: When Anoop sends a message to Biju, Biju should be able to verify that it was sent by Anoop. He can do that by decrypting with Anoop's public key.

Non-repudiation: Nobody else has Anoop's private key, so there is no chance that anybody else will use it. So Anoop cannot deny that he has sent the message.

Integrity: The integrity of the message has to be validated. If somebody alters the message in transit, the recipient should be able to detect it.
This is done by using a digital signature. The sender takes the message contents and hashes them. This hashed message is then encrypted with the issuing authority's private key. The encrypted hash is called the digital signature.
On the receiving side: The recipient takes the message and hashes it. He also takes the encrypted hash and decrypts it with the issuing authority's public key. The two hashes obtained are compared, and if they are the same, the message passes the "integrity" check.
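The hash, encrypt and compare steps above can be tried out with the sketch below. It is an added example, not code from the original post. It assumes the key pair belongs to the sender (Anoop), as in the Authentication paragraph, and uses unpadded "textbook" RSA with constructed toy keys built from publicly known Mersenne primes, which shows the mechanics only and is not secure for real use.

```python
import hashlib

E = 65537  # public exponent, shared by all toy keys in this example


def make_keypair(p, q):
    """Build a textbook-RSA (public, private) pair from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent (needs Python 3.8+)
    return (n, E), (n, d)


def digest(message: bytes) -> int:
    """SHA-256 hash of the message, as an integer smaller than n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private) -> int:
    """Sender side: hash the message, then 'encrypt' the hash with the private key."""
    n, d = private
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Receiver side: 'decrypt' the signature with the public key and compare hashes."""
    n, e = public
    return pow(signature, e, n) == digest(message)


# Constructed toy keys: the primes are public knowledge, so these keys are NOT secret.
ANOOP_PUB, ANOOP_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**127 - 1, 2**1279 - 1)

MSG = b"Pay Biju 100 rupees"       # constructed sample message
TAMPERED = b"Pay Biju 900 rupees"  # same message altered in transit

if __name__ == "__main__":
    sig = sign(MSG, ANOOP_PRIV)
    print("genuine message verifies :", verify(MSG, sig, ANOOP_PUB))
    print("tampered message verifies:", verify(TAMPERED, sig, ANOOP_PUB))
    forged = sign(MSG, OTHER_PRIV)  # signed with somebody else's private key
    print("forged signature verifies:", verify(MSG, forged, ANOOP_PUB))
```

Real systems use a vetted library with a padded scheme such as RSA-PSS rather than raw modular exponentiation.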

!!!
Disclaimer: Hi, my readers. It would be better to read Wikipedia. I am still learning the concepts!
