Cryptography Reference
In-Depth Information
Message
1
hash
function
Message
3
Signature
hash
Signature
2
Signature
algorithm
signature key
Figure 7.3.
Creation of an RSA digital signature with appendix
THE SIGNING PROCESS
Figure 7.3 illustrates the process of creating an RSA digital signature with
appendix.
1. The signer starts by hashing the data that is to be signed. We will shortly explain
why.
2. The signer now signs the hashed data. This process simply involves 'encrypting'
the hashed data using RSA as the encryption algorithm and the signer's
signature key as the 'encryption' key. Note that signing involves 'encrypting'
with the 'private' key of the signer, in contrast to the use of RSA for providing
confidentiality when we encrypt using the public key of the receiver (see
Section 5.2.2). This signed hash is the digital signature.
3. The signer sends to the verifier two pieces of information:
(a) the data itself;
(b) the digital signature.
These do not have to be sent together, but the verifier will need both pieces of
information before they can verify the digital signature.
THE VERIFICATION PROCESS
Figure 7.4 illustrates the process of verifying an RSA digital signature with
appendix.
1. The verifier's task is to compare two separate pieces of information. To compute
the first of them, the verifier takes the received data and applies the hash
function to it in order to obtain the hash of the received data.
2. The verifier now 'decrypts' the digital signature using RSA as the decryption
algorithm and the verification key of the signer as the 'decryption' key.
