5.5: Digital Signature (Doshi) Flashcards
What is a Digital Signature?
Digital Signature is a process where a digital code is attached to an electronically transmitted document to verify its contents and the sender’s identity.
How is a digital signature created?
(1) Creating a hash value or message digest of a given message
(2) Encryption of the hash value or message digest with the private key of the sender.
What is the another name for a hash?
A message digest.
*It must be noted that the hash value will be unique for each message.
What is the purpose of hash value?
To validate the integrity of the message
How does a message flows from sender A to Sender B using a digital signature?
(1) Creating a hash value or message digest of a sender A’s given message
(2) Encryption of the hash value or message digest with the private key of the sender A
(3) Message digest is sent via an email to sender B
(4) System calculate Hash message, and decrypt Message using Sender A’s public key
What does a digital signature ensures?
(1) Integrity
(2) Authentication
(3) Non-repudiation
Integrity
A message has not been tampered
Authentication
A message has been actually sent by sender
Non-repudiation
Sender cannot later deny about sending the message
Can digital signature ensure confidentiality?
No , it doesn’t, because digital signature only encrypts the hash of the message and not the message itself.
What key is used for encryption of the hash of the message?
The private key of the sender.
Digital Signature ensures:
(i) Integrity (i.e message has not been tampered)
(ii) Authentication (i.e message has been actually sent by sender)
(iii) Non-repudiation (i.e sender cannot later deny about sending the message)
But, digital signature does not provide:
Confidentiality
It must be noted that digital signature
does not provide confidentiality of the message.
In any given scenario, digital signature encrypts the hash of the message (and not the message). Hence
digital signature does not provide confidentiality or privacy.
