We need a digital signature
In the previous article, we talked about the Message Authentication Code (MAC). MAC is a technology used to verify the integrity of messages. It is generated from messages of arbitrary length and keys shared between sender and receiver.
One disadvantage of macs is that the secret keys are shared, so the sender can calculate the MAC value, and the receiver can calculate the same MAC value. Since both can calculate the same MAC value, it is impossible to tell who calculated the MAC value. The downside of the MAC is that it can’t prevent denial.
If sender A and receiver B use different keys, for example, A uses the private key to encrypt the message when sending it, and B uses the public key to decrypt the message when receiving it. Since the message can only be encrypted with A’s private key, the signature must be signed by A, so there is no denial issue. This is digital signature.
Signature generation and validation
The act of generating A message signature is done by sender A, also known as signing A message. To generate A signature is to calculate the signature value based on the message content. To generate A signature means that A approves the message content.
Verifying the digital signature can be done either by message recipient B or by a third party. Validation success means that the message was sent by A, failure means that the message was not sent by A.
During digital signature, sender A and receiver B use different keys for signature and authentication. The different keys used here are public and private keys.
Digital signature is the reverse of public key cryptography. Let’s look at the differences between the two:
The name of the | The private key | The public key |
---|---|---|
Public key cryptography | Used when the recipient decrypts | Used when the sender is encrypted |
A digital signature | Used when the signer generates a signature | Used when the verifier validates the signature |
Who holds the key? | People hold | The main need, anyone can hold |
Digital signature method
Generally speaking, there are two ways of digital signature:
- Sign the message directly
- Sign the hash value of the message
Here are two ways.
Sign the message directly
Signing a message directly involves the following steps:
- Sender A encrypts the message with its private key to generate A signature.
- User A sends the encrypted signature and message to user B.
- B decrypts the message signature with A’s public key to obtain message M1 before the signature.
- B compares the message M2 sent by M1 with that sent by A. If the two messages are consistent, the signature succeeds; otherwise, the signature fails.
Note the fourth step here. The purpose of the signature is to ensure that the message is generated by the person who only has the key, not to guarantee the confidentiality of the message delivery. So the digital signature itself is not supposed to guarantee confidentiality. If confidentiality is to be maintained, messages can be encrypted before being sent.
Sign the hash value of the message
Signing messages directly looks simple, but is rarely used in practice. Since signing the entire message is a time-consuming operation, we usually use a one-way hash function to process the message to a hash value and then sign the hash value:
- A computes the hash value of the message using A one-way hash function.
- User A uses its private key to sign the hash value.
- A sends the message and signature to B
- User B decrypts the signature using user A’s public key to obtain the hash value.
- B evaluates the message using a one-way hash function and compares the result to 4.
Can digital signatures replace real life signatures?
We’ve talked about how to implement digital signatures, and we’ve probably heard about electronic signatures in the real world.
Digital signatures have many technical advantages. No physical interaction is required to sign a contract and any data can be signed. In fact, whether digital signature can replace actual signature is a complicated social behavior.
Because when we use electronic signature, no one will design the signature algorithm, but simply press the signature button according to the information provided by the software.
Then whether the signature software is trustworthy is the problem we need to pay attention to.
Problems that digital signatures cannot solve
With digital signatures we can prevent forgery and tampering, and we can’t prevent denial. However, a major prerequisite is that the public key used to verify the signature must actually belong to the sender.
Here we need a trusted organization to issue a trusted public key, which involves the knowledge of certificates and PKI. We’ll talk about that in a later article.
See flydean’s blog for more tutorials