The last topic we had discussed about public key encryption, that key is good can security the message send from sender, but it can't verified the sender? This topic is help you how to verify the sender. We can use digital signature to do it!
What is digital signature? Why do we use it?
A digital signature is equivalent to a handwritten signature. It is an electronic verification of the sender.
A digital signature serves three purposes
1. Authentication: A digital signature gives the receiver reason to believe the message was created and sent by claimed sender
2. Non-repudiation: With digital signature, the sender cannot deny having sent the message later on
3 Integrity: A digital signature ensures that the message was not altered in transit
- Digital signatures are commonly used for software distribution, financial transactions, and other case where it is important to detect forgery and tampering
- Digital signatures are very popular with email users.
Here is the scenario
Bod is sending a memo to Alice with his digital signature. Keep in mind digital signature uses a asymmetric cryptography, which mean public key algorithm is employed!
First Bob generates 2 keys, public key and private key: Bod keep private key, Alice keep public key
- Bob generates memo and generates Asymmetric Cryptographic Algorithm with digital signature
- Bob sends both of the memo and a digital signature to Alice, she will do two things one Alice decrypts the digital signature using Bob's public key and she gets a digest if she cannot decrypt the digital signature then she knows it did not come from Bob because of only Bob's public key is able to decrypt the digests generated with his primary key
Note: Using digital signatures does not encrypt the message itself
Any feedback or comment leave your comment, we can discuss about it
Zidane
