Saturday, October 24, 2009

Digital Signatures

Cryptography covers 15 percent of the CompTIA Security+ (Exam SY0-201) objectives, and digtial signatures are one element you should understand.

A digital signature provides authentication, integrity and non-repudiation.  It requires a PKI infrastructure because public and private keys are used. A public and private key pair is two keys where one can encrypt data, and this data can only be decrypted by the other key.

Here's the process if Sally creates a messages and digitally signs it.
  • First, a hash is created of the message.  This is effectively just a number (though a large number) created by executing a hashing algorithm agains the message. The hash provides integrity.
  • The hash (not the message) is encrypted with Stally's private key.  Sally's private key is private and she is the only one that access to it.
  • Sally sends the message to Joe.  Joe has Sally's public key.  If Sally's public key can decrypt the hash, then it must have been encrypted with Sally's private key.  This provides both authentication and non-repudiation. 
  • The hash can be recomputed on Joe's computer.  If the hash is the same as the encrypted hash sent by Sally, message integrity has been maintained. If the hash was different, message integrity is lost.

Hope this helps.

Darril Gibson