Digital Signatures

This section describes how public-key cryptography addresses the problem of sabotage (tampering). The sections that follow describe how it addresses the problem of spoofing (impersonation).

Sniffing and Spoofing

Encryption and decryption address the problem of sniffing (eavesdropping), one of the three Internet security issues mentioned at the beginning of this discussion. But encryption and decryption, by themselves, do not address the other two problems we mentioned in Internet Security Issues: sabotage (tampering) and spoofing (impersonation).

Authentication and sabotage detection rely on a mathematical function called a one-way hash (which is used to create a message digest). A one-way hash is a number of fixed length, computed from data of any length, with the following characteristics:

  • The value of the hash is, in practice, unique to the hashed data: it is computationally infeasible to find two different inputs that produce the same hash value.
  • Any change in the data, even deleting or altering a single character, results in a different hash value.
  • The content of the original data cannot be deduced from the hash.

Remember that we mentioned in the Public-Key Encryption section that it is possible to use your private key for encryption and your public key for decryption. We pointed out that while this doesn't provide privacy, it is a crucial part of digitally signing any data. It works like this: instead of encrypting the data itself, the signing software creates a one-way hash of the data, then uses your private key to encrypt the hash. The encrypted hash is known as a digital signature. (Describing signing as "encrypting with the private key" fits RSA, where the same operation serves both purposes; other signature algorithms have distinct signing and verification operations, but the hash-then-sign structure is the same.)


Figure 2.8

This example shows a simplified view of the way a digital signature can be used to validate the integrity of signed data. Two items are transferred to the recipient of the signed data:
  • The original data
  • The digital signature
The digital signature is a one-way hash (of the original data) that has been encrypted with the signer's private key. To validate the integrity of the data, the receiving software first uses the signer's public key to decrypt the hash. It then uses the same hashing algorithm that generated the original hash to generate a new one-way hash of the same data. (Information about the hashing algorithm used is sent with the digital signature, although this isn't shown in the example.) Finally, the receiving software compares the new hash against the original hash. If the two hashes match, the data has not changed since it was signed. If they don't match, either the data has been tampered with since it was signed, or the signature was created with a private key that doesn't correspond to the public key presented by the signer; the receiving software cannot tell which of the two happened, only that the signature is invalid.
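The following is an added example, not part of the original document, that carries out the signing step described earlier and the validation step described in the figure above in runnable code. It uses textbook RSA built from the Python standard library so that the "encrypt the hash with the private key, decrypt it with the public key" description can be followed literally. The key sizes, the lack of padding, the sample message and the names (sign, verify, demo) are all assumptions of this example; unpadded RSA with 512-bit keys is not a secure signature scheme and a real system should use a vetted library.

```python
"""Hash-then-sign with textbook RSA, as an illustration of the text above.

Added example, not part of the original page. Illustration only: unpadded
("textbook") RSA with 512-bit keys is insecure; production code should use
a real scheme (RSA-PSS, Ed25519, ...) from a vetted library.
"""
import hashlib
import random

_SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def _is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin probable-prime test (error probability <= 4**-rounds)."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:          # write n - 1 as d * 2**r with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False       # composite witness found
    return True


def _random_prime(bits, rng):
    """Random odd prime with exactly `bits` bits."""
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(candidate, rng):
            return candidate


def generate_keypair(bits=512, rng=None):
    """Return (public_key, private_key) as (n, e) and (n, d)."""
    rng = rng or random.SystemRandom()
    e = 65537
    while True:
        p = _random_prime(bits // 2, rng)
        q = _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    n = p * q
    d = pow(e, -1, phi)        # private exponent: modular inverse of e
    return (n, e), (n, d)


def message_digest(data, alg="sha256"):
    """One-way hash of the data, as an integer so it can be exponentiated."""
    return int.from_bytes(hashlib.new(alg, data).digest(), "big")


def sign(data, private_key, alg="sha256"):
    """Signature = hash of the data 'encrypted' with the private exponent.

    The hash algorithm name travels with the signature, as the text notes,
    so the verifier can recompute the same digest.
    """
    n, d = private_key
    h = message_digest(data, alg)
    assert h < n, "digest must be smaller than the modulus"
    return {"alg": alg, "sig": pow(h, d, n)}


def verify(data, signature, public_key):
    """'Decrypt' the signature with the public key and compare it against a
    fresh hash of the received data. Returns True only if both agree."""
    n, e = public_key
    recovered = pow(signature["sig"], e, n)
    fresh = message_digest(data, signature["alg"])
    return recovered == fresh


def demo():
    """Exercise the three outcomes the text describes: intact data, tampered
    data, and a signature made with a private key that does not match the
    presented public key. Constructed sample input; seeded RNG for
    reproducibility only (never seed key generation like this for real)."""
    rng = random.Random(2024)
    alice_pub, alice_priv = generate_keypair(512, rng)
    _mallory_pub, mallory_priv = generate_keypair(512, rng)

    data = b"Transfer 100 USD to account 12345"   # constructed sample message
    sig = sign(data, alice_priv)
    return {
        "intact": verify(data, sig, alice_pub),
        "tampered": verify(b"Transfer 900 USD to account 12345", sig, alice_pub),
        "wrong_key": verify(data, sign(data, mallory_priv), alice_pub),
    }
```

Running demo() yields intact=True and tampered=False, wrong_key=False; as the text says, the verifier sees only that the hashes disagree and cannot distinguish a tampered message from a signature made under the wrong key.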

Confirming the identity of the signer, however, also requires some way of confirming that the public key really belongs to a particular person or other entity. Anyone can generate a key pair and label it with any name: there are places where you can find public keys that allegedly belong to public figures such as Bill Clinton or Al Gore. A valid signature proves only that the data was signed by whoever holds the private key matching the presented public key, not who that holder is.

The significance of a digital signature is comparable to the significance of a handwritten signature. Once you have signed some data, it is difficult to deny doing so later, assuming that the private key has not been compromised or otherwise left the owner's control. In some situations, a digital signature may be as legally binding as a handwritten signature.


Copyright © 1999 Sun-Netscape Alliance.
All Rights Reserved.