Cryptography Reference
In-Depth Information
6
Signature and Message Authentication Schemes
Both signature schemes and message authentication schemes are meth-
ods for “validating” data; that is, verifying that the data was approved
by a certain party (or set of parties). The difference between signa-
ture schemes and message authentication schemes is that signatures
should be “universally verifiable”, whereas authentication tags are only
required to be verifiable by parties that are also able to generate them.
Signature Schemes:
The need to discuss “digital signatures” (49;
108) has arisen with the introduction of computer communication to
the business environment (in which parties need to commit them-
selves to proposals and/or declarations that they make). Discussions
of “unforgeable signatures” did take place also in previous centuries,
but the objects of discussion were handwritten signatures (and not dig-
ital ones), and the discussion was not perceived as related to “crypto-
graphy”. Loosely speaking, a
scheme for unforgeable signatures
should
satisfy the following:
•
each user can
eciently produce its own signature
on docu-
ments of its choice;
