Page 1

[Authentication]

Signing a Message A digital signature guarantees that a message comes from a specific person and that it is unaltered. Creating a Signature

Bob processes his message with his secret key to produce his signature (a string of characters) for that message.

Please send me $100–Bob

Verifying a Signature

Alice processes Bob’s message and its signature with his public key to verify that they match each other.

Pl

es eas

en

100 –Bob iQC VAw d me $

Please send me $100–Bob

Bob’s public key:

Signature:

iQCVAwUBMXV

UBM

XV

Bob’s secret key:

Bob’s signature:

ob

iQ

CV Aw

UB

MX

V

iQCVAwUBMXV

0 10

Plea

Please send Eve $100–Bob secret key: ?????

Bob’s signature:

??????

Attempting a Forgery

Eve cannot produce the correct signature to sign her own message as “Bob” without his secret key.

se s

en

–B

$ ve dE

Please send Eve $100–Bob

Bob’s public key:

Signature:

iQCVAwUBMXV

Detecting a Fake

Alice knows she has a forgery when use of Bob’s public key fails to match the message with its signature. A signature copied from a real message will not pass.

key dates 1976: Whitfield Diffie and Martin E. Hellman, both at Stanford University, propose public-key encryption and authentication. 1977: Ronald L. Rivest, Adi Shamir and Leonard M. Adleman, all at the Massachusetts Institute of Technology, construct the first publickey cryptosystem, the RSA algorithm.

92  S C I E N T I F I C A M E R I C A N

matt collins

August 1977: In Martin Gardner’s Scientific American column, Rivest et al. challenge readers to decrypt a message encrypted by the RSA algorithm with a 129-digit key (RSA‑129). They estimate that doing so may take 40 quadrillion years. September 2008

09/2008--Authenticating Email  

A digital signature guarantees that a message comes from a specific person and that it is unaltered.

Read more
Read more
Similar to
Popular now
Just for you