They are used to bind signatory to the message. In the physical world, it is common to use handwritten signatures on handwritten or typed messages.
Private keys don’t leave smart cards when digital signatures are being created.Digital signatures are the public-key primitives of message authentication. It’s recommended to store private keys on smart cards to minimize the risk of them being stolen. Thus, personal computers and smartphones aren’t a good choice for storing private keys. Complexity is the worst enemy of security. That’s why the private key needs to be securely stored. Then, Mark isn’t the only one who knows his private key, and non-repudiation isn’t established. Once the private key of Mark is stolen, the security is broken. It allows Kevin to verify that the public key actually belongs to Mark. Kevin has the list of trusted CAs (with their public keys) in his operating system. The certificate is digitally signed by the trusted Certificate Authority (CA) – the hash of the certificate is encrypted with the private key of the trusted CA. Kevin gets the digital certificate from Mark, which includes Mark’s public key and his name. A digital certificate is used to solve that problem. How does Kevin know that the public key is really the one from Mark? There might be a man-in-the-middle introducing themselves as Mark. The property of non-repudiation is achieved by using a digital signature. When those hashes match, Kevin knows who the sender of the message really is, and exactly which message was sent. Then, Kevin calculates the hash of the document and compares it to the decrypted digital signature of the document, which is the hash of the document. Kevin uses Mark’s public key to decrypt the digital signature. Mark sends Kevin the document with the appended digital signature of the document. That encrypted hash is called a digital signature. Mark’s private key is used to encrypt the hash of the document. Now, let’s return to the story of Mark and Kevin to better understand how it works. Moreover, when something is encrypted with the private key, then anyone can verify it with the corresponding public key. When something is encrypted with the public key, only the corresponding private key can decrypt it. The private key is known only by the owner and can’t be derived from the public one.
Digital signatureįirst, one needs to know the relationship between the keys in asymmetric cryptography (the public and the private) in order to understand how digital signatures work. How can we solve this problem? A digital signature is the solution. The problem is that HMAC doesn’t provide non-repudiation, because Mark and Kevin share the key. HMAC is used to provide data integrity and authentication. That way, data integrity and authentication can be verified by Kevin. When the attacker (man-in-the-middle) changed the document and HMAC, it’d be detected by Kevin: the attacker doesn’t know the key. When they match, Kevin knows that it was Mark who sent this document. Then, Kevin compares the HMAC with the HMAC appended to the document. Kevin calculates the HMAC: hash of the document he received and the key he shares with Mark. Mark calculates HMAC, appends it to the document and sends it to Kevin. HMAC is a hash of the document and the key. Let’s assume that Mark is going to send the document to Kevin, and they share a key. What we also need is authentication of the sender. Hashing is used to achieve data integrity and there’s no key involved. Collision takes place when the same hash is created for two different documents. The longer the hash, the less likelihood of an occurrence of collision. The ideal hash function is irreversible, and there are no two different documents D1 and D2 such that H(D1)=H(D2). The hash of document D is denoted by H(D). Let’s first discuss how hashing can be used to achieve the integrity of the document. That exact document was sent by the sender: it hasn’t been modified on the way to the receiver. The sender is really the one who claims to be the sender of the document.Ģ. Having received a document, we want to make sure that:ġ. Defining the problemĭigital documents are ubiquitous. This article describes that property and shows how it can be achieved by using digital signatures.
Non-repudiation is a much desired property in the digital world.