Information Technology Reference
In-Depth Information
and the key. The recipient deciphers the symmetric key with his private key,
and finally deciphers the message with the symmetric key.
3.3
Digital signature
Thanks to the complementarity of public and private keys, a string encrypted
with a key can only be decrypted with the symmetric one. Thus, deciphering a
text using a key ensures that it has been encrypted with the complementary key.
Digital signature algorithms exploit this feature to verify the real origin of
the message (sender authentication).
The digital signature is a string, called fingerprint, derived from the
message by applying a particular algorithm. The fingerprint is unique, it is
encrypted using the private key of the sender and sent along with the message.
The public key is the only one that can decode the message (the keys are
complementary). The deciphering of the signature using the public key is an
evidence that it has been encrypted by the sender or by someone in possession
of its private key. Moreover, comparison of the deciphered string with a string
made from scratch from the message using the same algorithm allows to check
the integrity: if the two strings match, the message is intact [6].
3.4
Hashing algorithms
The digital signature algorithms based on hashing algorithms. They are one-
way algorithms that produce, starting from a variable-length string to a string
of fixed length (typically between 64 and 255 bits) that is characteristic of the
string data.
Their power is due to the following peculiarities: given a string of hash, it
is computationally impossible to derive the message from which it was
generated and it is computationally impossible that there are two messages
that produce the same string of hash, the same algorithm, applied more times
to the same message, always produces the same hash value.
The most popular algorithms are the following:
•
Message Digest Algorithm 5 (MD5), developed by RSA Data Security
Inc. It is the successor of MD2, and MD4, algorithms now in disuse. It
produces 128-bit hash from strings of arbitrary length, it is widely used
and is considered reasonably safe.
•
Secure Hash Algorithm (SHA), developed by National Institute of
Standards and Technology (NIST) and National Security Agency (NSA),
is used by the US government and produces strings of 160-bit hash from
strings of arbitrary length. It is considered quite safe. Usually used in
conjunction with the DSS.
