Digital signatures provide a solution to the problem of message authentication, and let Bob accurately identify the author of messages he receives. For example, with digital signatures, Bob can differentiate between messages sent by Alice and messages forged by Eve. In this chapter, we explain what digital signatures are, how they work, and how you use them. We also extend the .NET Framework by adding support for digital signatures to the implementation of the ElGamal algorithm that we introduced in Chapter 15.
Digital signatures are a different application of the asymmetric algorithms that we discussed in Chapter 15. You use an asymmetric key pair to create a “signature” for a message by adding a signature function to the asymmetric algorithm. The recipient can verify the signature using a verification function. Asymmetric algorithms that support signature and verification functions are digital signature algorithms. Each digital signature is specific to an individual message or document, and if Alice signs a message, Bob can be confident that Eve has not sent him a forgery.
Figure 16-1 provides an overview of using digital signatures, which work as follows:
Alice selects an asymmetric signature algorithm and follows the key generation protocol to create a new pair of keys. She keeps her private key secret and sends the public key to Bob.
Alice composes a message and creates a signature using her private key.
Alice sends ...