Introduction
Digitalsignatures(alsoknownaspublickeydigitalsignatures)aresimilartoordinaryphysicalsignatureswrittenonpaper,butItusestechnologyinthefieldofpublickeyencryptionandisusedtoauthenticatedigitalinformation.Asetofdigitalsignaturesusuallydefinestwocomplementaryoperations,oneforsigningandtheotherforverification.Theoutputofthesigningprocessisalsocalledadigitalsignature.
Use
Theuseofdigitalsignaturesincommunicationsisgenerallybasedonthefollowingreasons:
Authentication
ThepublickeyencryptionsystemallowsanyonetoThepublickeyisusedtoencrypttheinformationwhenitissent.Adigitalsignaturemakestherecipientoftheinformationconfidentthatthesenderiswhattheyclaimtobe.Ofcourse,thereceivercannotbe100%sureofthesender'strueidentity-thereceivercanonlybereasonablysureifthecryptographicsystemhasnotbeendeciphered.
Theimportanceofauthenticationisparticularlyprominentinfinancialdata.Forexample,supposeabanktransmitsinstructionsfromitsbranchtoitscentralmanagementsystem.Theformatoftheinstructionis(a,b),whereaistheaccountnumberoftheaccountandbisthecurrentamountoftheaccount.Atthistime,aremotecustomercandeposit100yuanfirst,observetheresultofthetransmission,andthensendinstructionsintheformat(a,b)oneafteranother.Thismethodiscalledareplayattack.
Integrity
Thetwopartieswhotransmitthedataalwayswanttoconfirmthatthemessagehasnotbeenmodifiedduringthetransmission.Encryptionmakesitverydifficultforthirdpartiestoreaddata,butthirdpartiescanstilltakefeasiblemethodstomodifydataduringtransmission.Apopularexampleisahomomorphicattack:Recallthatthebankabovesentinstructionsintheformat(a,b)fromitsbranchtoitscentralmanagementsystem,whereaistheaccountnumberandbistheamountintheaccount..Aremotecustomercandeposit100yuanfirst,theninterceptthetransmissionresult,andthentransmit(a,b3),sothatheimmediatelybecomesamillionaire!
Non-repudiation
Inthecontextofciphertext,thetermdenialreferstonon-acknowledgmentofactionsrelatedtothemessage(thatis,theclaimthatthemessagecomesfromathirdparty).Therecipientofthemessagecanusedigitalsignaturestopreventallsubsequentdenials,becausetherecipientcanshowthesignaturetootherstoprovethesourceoftheinformation.
Implementation
Thedigitalsignaturealgorithmisimplementedbypublickeyencryptiontechnology.Inpublickeyencryptiontechnology,eachuserhasapairofkeys:apublickeyandaprivatekey.Thepublickeycanbereleasedfreely,buttheprivatekeyiskeptsecret;anotherrequirementistomakeitimpossibletocalculatetheprivatekeyfromthepublickey.
Commondigitalsignaturealgorithmsincludethreealgorithms:
Apasswordgenerationalgorithm
Markingalgorithm
Verificationalgorithm