
Trying to get my head around digital signatures and hit a slight block. The book I am using gives the following information:

  • Device A hashes a message to create a message digest
  • Device A encrypts the digest with device A's private key to create a signature
  • Device A adds the signature to the message
  • Device A encrypts the whole message (including the signature) using device B's public key
  • Device A sends the message to device B

  • Device B decrypts the message with device B's private key
  • Device B splits the signature off of the message
  • Device B decrypts the signature using device A's public key to get the message digest
  • Device B hashes the message to get a message digest
  • If the message digest device B created is the same as the one decrypted, the message has not been tampered with

All fine, but how does device B know what hashing algorithm was used to create the message digest?

Robert Flook

4 Answers


First of all, signing does not equal encrypting. It only works on some crypto systems, and even then it is not the whole picture.

Hash algorithms are used for various reasons. One of them is to reduce the size of the signature since the digest is generally a lot smaller than the message itself.

But the main cryptographic reason behind hash functions is to make it so that a possible attacker cannot force the message he wants to forge a signature for to have a certain property.

It is a bit technical but for example in the ElGamal cryptosystem if you sign the message itself then it is possible for an attacker to produce a valid signature without knowing the secret key. If however you sign the hash of the message then this is not possible.

mandragore

In a typical PKI system there are certain system parameters that need to be known to both parties.

These can either be pre-known or exchanged during a handshake (e.g. TLS). Once these details are known, the protocol can be followed as described.


Just as someone uses a public key, they would also display their hash function. The hash function will make the message smaller, and it also adds security so that keys cannot be forged. Adding a hash function to public key crypto is just an added layer of security.

CSstudent

In any practical crypto system, when you create a digital signature it will be encoded to a specific format called PKCS#7 signed data. PKCS#7 is a standard defined by RSA Laboratories to store a signature and its associated parameters, such as digest algorithm, signing certificate, signing time, signed data, digest value, signature algorithm, signature value etc., in a single structure. For more information please refer to RFC 2315, which deals with PKCS#7. So any signature verification tool parses this PKCS#7 structure and extracts the digest algorithm before it does signature verification.

Deva