
Securing Your Java Code • Chapter 7 303
then used the method verify() to check if the signature matched with
the public key (which it should in this example). Digital signatures are at
the heart of authentication, which is our next topic.
Authentication
Digital signatures on their own work fine for verification of a limited
number of people you are familiar with. For example, if your friend Julie
sends you a message, and you check the signature with the public signa-
ture on her Web page, you can verify that Julie in fact sent you the mes-
sage and it was not altered.
What if you receive a message from someone you don’t know, say
from a small company in ...