11.5. DIGITAL SIGNATURES AND DIGITAL CERTIFICATES
Digital signatures and digital certificates are used to provide assurance to the message recipient that the message is authentic and that it cannot be repudiated by the sender. To digitally sign a message, the sender subjects a message to a oneway hashing function. The resulting message digest is encrypted, using the sender's private key, thereby resulting in a digital signature. The digital signature is appended to a message that has been encrypted with the receiver's public key.
Asymmetric Encryption With HashingSENDER PERFORMS THE FOLLOWING: Hash message using one-way hash function ⇒ digest Encrypt message and digest using receiver's public key ⇒ Encrypted message and digest Transmit encrypted message and digest ⇒ Receiver RECEIVER PERFORMS THE FOLLOWING: Decrypt message and digest using receiver's private key ⇒ Message and digest Hash message using same one-way hash function as sender ⇒ digest Compare digests ⇒ If same, message is intact. If different, reject transaction. |
Prior to receiving a message from the sender, the receiver must independently obtain a digital certificate for the sender. A digital certificate is issued by a trusted certificate authority (CA). The digital certificate identifies the sender and contains the sender's public key as well as the digital signature of the trusted CA. (See the last paragraph in this section for more details on how the sender obtains a digital certificate.)
On receipt of the message, ...
Get Auditing Information Systems, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.