Cryptography Reference
In-Depth Information
CHAPTER
4
Authenticating Communications
Using Digital Signatures
In Chapter 3, you examined public key cryptography in detail. Public key cryp-
tography involves generating two mathematically related
keys
, one of which
can be used to encrypt a value and the other of which can be used to decrypt
a value previously encrypted with the other. One important point to note is
that it technically doesn't matter which key you use to perform the encryp-
tion, as long as the other one is available to perform the decryption. The RSA
algorithm defi nes a
public key
that is used to encrypt, and a
private key
that is
used to decrypt. However, the algorithm works if you reverse the keys — if you
encrypt something with the private key, it can be decrypted with — and
only
with — the public key.
At fi rst glance, this doesn't sound very useful. The public key, after all, is
public. It's freely shared with anybody and everybody. Therefore, if a value is
encrypted with the private key, it can be decrypted by anybody and everybody as
well. However, the nature of public/private keypairs is such that it's also impos-
sible — or, to be technically precise, mathematically infeasible — for anybody
except the holder of the private key to generate something that
can
be decrypted
using the public key. After all, the encryptor must fi nd a number
c
such that
c
e
%
n
m
d
satisfi es this condition and
it is believed to be computationally infeasible to fi nd another such number
c
.
As a result, the private key can also be used to prove identity. The holder of
the private key generates a message
m
, and sends it to the receiver (unencrypted).
Then the holder of the private key encrypts
m
using the private key (
d
,
n
) and
m
for some arbitrary
m
. By defi nition,
c
Search WWH ::
Custom Search