Basic ideas – digital signatures•    A key-pair is created – a public and private key       Pv•    You keep the private ke...
So: – how do we have the best of both worlds –messages that only you can read and only one      specific person could have...
So: – how do we have the best of both worlds –messages that only you can read and only one      specific person could have...
Upcoming SlideShare
Loading in …5
×

Basic ideas – digital signatures

217 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
217
On SlideShare
0
From Embeds
0
Number of Embeds
18
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Basic ideas – digital signatures

  1. 1. Basic ideas – digital signatures• A key-pair is created – a public and private key Pv• You keep the private key Pu• Anyone can have the public key. Anyone could read them, but they could only have come from Pv • Messages encrypted with the private key can be you decrypted with the public key • Messages encrypted with the public key can be Pu decrypted with the private key Only you can read them, but they could have come from anyone
  2. 2. So: – how do we have the best of both worlds –messages that only you can read and only one specific person could have created?First approach.• Sender writes a little message to you. “Hi this message is from Sam”. They encrypt this message with their private key and add the result to the main message.• They then encrypt the whole resulting message with your public key – and send it to you.• Anyone intercepting the message can’t read it because they don’t have your private key. Could have been copied from another message• When you decrypt the message, you find this extra bit. You use the senders public key to decrypt that. If you have a good message .. It tells you ----- what?
  3. 3. So: – how do we have the best of both worlds –messages that only you can read and only one specific person could have created?Better approach.• Signature message is a HASH of the overall message – valid only for this message. Encrypted with their private key as before• Steps two and three are the same, the message is secure.• When you decrypt the message, you find this Could have been copied hash. You use the senders public key to decrypt from another it. Now you calculate the hash yourself, using message the same algorithm. If the two hashes match, you have a valid, signed message.

×