Information Technology Reference

In-Depth Information

and the key. The recipient deciphers the symmetric key with his private key,

and finally deciphers the message with the symmetric key.

3.3
Digital signature

Thanks to the complementarity of public and private keys, a string encrypted

with a key can only be decrypted with the symmetric one. Thus, deciphering a

text using a key ensures that it has been encrypted with the complementary key.

Digital signature algorithms exploit this feature to verify the real origin of

the message (sender authentication).

The digital signature is a string, called fingerprint, derived from the

message by applying a particular algorithm. The fingerprint is unique, it is

encrypted using the private key of the sender and sent along with the message.

The public key is the only one that can decode the message (the keys are

complementary). The deciphering of the signature using the public key is an

evidence that it has been encrypted by the sender or by someone in possession

of its private key. Moreover, comparison of the deciphered string with a string

made from scratch from the message using the same algorithm allows to check

the integrity: if the two strings match, the message is intact [6].

3.4
Hashing algorithms

The digital signature algorithms based on hashing algorithms. They are one-

way algorithms that produce, starting from a variable-length string to a string

of fixed length (typically between 64 and 255 bits) that is characteristic of the

string data.

Their power is due to the following peculiarities: given a string of hash, it

is computationally impossible to derive the message from which it was

generated and it is computationally impossible that there are two messages

that produce the same string of hash, the same algorithm, applied more times

to the same message, always produces the same hash value.

The most popular algorithms are the following:

•

Message Digest Algorithm 5 (MD5), developed by RSA Data Security

Inc. It is the successor of MD2, and MD4, algorithms now in disuse. It

produces 128-bit hash from strings of arbitrary length, it is widely used

and is considered reasonably safe.

•

Secure Hash Algorithm (SHA), developed by National Institute of

Standards and Technology (NIST) and National Security Agency (NSA),

is used by the US government and produces strings of 160-bit hash from

strings of arbitrary length. It is considered quite safe. Usually used in

conjunction with the DSS.