- Alice publishes her public key PK and keeps her private key K safe.
- Alice produces an original bitstring S.
- Alice computes S'=f(S, K), which is a fixed-length bitstring.
- Alice publishes S+S'.
- If Carol wants to know if Alice is in fact the author of S, all she needs to do is compute g(S, S', PK), which returns true if S is the bitstring that was signed with S' and if it was K that was used to produce the signature. Assuming that only Alice knows K, this is enough to prove Alice's authorship of S.
- If Bob wants to impersonate Alice, stealing S' is useless because S' can only be used to authenticate S. Stealing PK is also useless because it can only be used to authenticate, not to sign. Altering S or S' doesn't work because it will cause the authentication to fail. Bob's only option is to steal or attempt to crack K.
Sunday 2 July 2017
Digital Signatures - a succinct maths formula/symbolic description
I cam across this beautifully succinct description of how digital signatures work written in maths formula/symbolic terms. Original thread is here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment