Cryptography Reference
7.3.2 Basic model of a digital signature scheme
We assume that anyone who wishes to be able to digitally sign data is in
possession of a public-key pair. Only the signer knows their 'private' key, and
the corresponding 'public' key is made available to anyone by whom the signer
wishes their digital signatures to be verified. This could be done by making it
publicly available. It is very important, however, that we do not use the same
key pair for both decryption/encryption and signing/verifying (see Section 10.6.1).
Thus we will refer to the 'private' key in this case as the signature key and the
'public' key as the verification key. The basic model of a digital signature
scheme is shown in Figure 7.2.
The signature algorithm takes as input the data that is being signed and the
signature key. The output is the digital signature, which is then sent to the verifier.
The verifier inputs the digital signature and the verification key into the verification
algorithm. The verification algorithm outputs some data, which should be the
same data that was digitally signed. Using this output the verifier makes a decision
on whether the digital signature is valid.
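The model above can be traced end to end in a few lines. The following is an added example, not code from the original text: it instantiates the signature and verification algorithms with textbook RSA on a short message, which is an assumption made here because the section names no concrete scheme. The key values, function names and sample message are constructed for illustration, and the scheme has no padding or hashing, so it is unsuitable for real use.

```python
# Toy instance of the basic model: textbook RSA on a short message.
# Constructed parameters; no padding or hashing, so NOT secure for real use.
P, Q = 2**61 - 1, 2**89 - 1           # two known Mersenne primes (constructed toy key)
N = P * Q
VERIFICATION_KEY = (N, 65537)          # made available to verifiers
SIGNATURE_KEY = (N, pow(65537, -1, (P - 1) * (Q - 1)))  # known only to the signer


def signature_algorithm(data: bytes, signature_key) -> int:
    """Input: the data and the signature key. Output: the digital signature."""
    n, d = signature_key
    m = int.from_bytes(data, "big")
    if not data or data[0] == 0 or m >= n:
        raise ValueError("toy scheme signs only short data without a leading zero byte")
    return pow(m, d, n)


def verification_algorithm(signature: int, verification_key) -> bytes:
    """Input: the signature and the verification key. Output: the recovered data."""
    n, e = verification_key
    r = pow(signature % n, e, n)
    return r.to_bytes((r.bit_length() + 7) // 8, "big")


def verifier_decision(received_data: bytes, signature: int, verification_key) -> bool:
    """The verifier's decision: valid only if the output equals the data received."""
    return verification_algorithm(signature, verification_key) == received_data


def demo() -> dict:
    data = b"pay Bob 10"               # constructed sample message
    sig = signature_algorithm(data, SIGNATURE_KEY)
    return {
        "genuine": verifier_decision(data, sig, VERIFICATION_KEY),
        "data altered in transit": verifier_decision(b"pay Bob 99", sig, VERIFICATION_KEY),
        "signature altered in transit": verifier_decision(data, sig ^ 1, VERIFICATION_KEY),
    }


if __name__ == "__main__":
    for case, valid in demo().items():
        print(f"{case}: {'valid' if valid else 'rejected'}")
```

The two altered cases correspond to the interceptor in Figure 7.2: without the signature key, changing either the data or the signature makes the verification output disagree with the data received.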
7.3.3 Two different approaches
There are two different approaches to designing digital signature schemes. Recall
that a digital signature is essentially a cryptographic value that is calculated from
the data and a secret parameter known only by the signer. A verifier who wishes
to verify the correctness of this digital signature will need to run the verification
[Figure 7.2. Basic model of a digital signature scheme. Labels: signer, message, signature key, signature algorithm, digital signature, interceptor, verification key, verification algorithm, verifier.]