
In PKI, the public key is for encryption and the private key is for decryption, and digital signatures employ PKI. How can a private key be used for encryption and a public key for decryption, which violates asymmetric cryptography?

From GeeksforGeeks (https://www.geeksforgeeks.org/digital-signatures-certificates/):

The steps followed in creating a digital signature are:

  1. The message digest is computed by applying a hash function to the message, and then the message digest is encrypted using the private key of the sender to form the digital signature. (digital signature = encryption(private key of sender, message digest) and message digest = message digest algorithm(message))
  2. The digital signature is then transmitted with the message. (message + digital signature is transmitted)
  3. The receiver decrypts the digital signature using the public key of the sender. (This assures authenticity, as only the sender has his private key, so only the sender can encrypt using his private key, which can thus be decrypted by the sender's public key.)
  4. The receiver now has the message digest.
  5. The receiver can compute the message digest from the message (the actual message is sent with the digital signature).
  6. The message digest computed by the receiver and the message digest (got by decryption of the digital signature) need to be the same for ensuring integrity.
Esa Jokinen
Andy Xu
    "message digest is encrypted using private key of sender" -- this is wrong, but it is a common misconception. Signing *uses* the private key as part of the process. – schroeder Jan 31 '21 at 09:12
    This has been discussed about a hundred times already; see my (incomplete!) list at https://security.stackexchange.com/questions/159282#159289 – dave_thompson_085 Feb 01 '21 at 01:24
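The quoted steps carried out in code, as an added example that is not part of the question, the comments or the GeeksforGeeks page: textbook RSA with constructed, insecure toy primes (P and Q are small Mersenne primes) and no padding, which is enough to show that "encrypting the digest with the private key" is really a private-key signing operation whose output is checked by comparison, not recovered by decryption.

```python
# Added example (not from the question or the quoted GeeksforGeeks text):
# a textbook RSA hash-then-sign flow in pure Python, to show what the quoted
# steps actually do. The Mersenne primes below are constructed for
# illustration only: they are public and tiny, so this key is not secure,
# and a real signature scheme also pads the digest (e.g. RSA-PSS) before
# the private-key operation.
import hashlib

P = 2**61 - 1                 # constructed toy prime (M61)
Q = 2**89 - 1                 # constructed toy prime (M89)
N = P * Q                     # public modulus
PHI = (P - 1) * (Q - 1)
E = 65537                     # public exponent
D = pow(E, -1, PHI)           # private exponent (needs Python 3.8+)


def message_digest(message: bytes) -> int:
    """Step 1a: hash the message. Reducing mod N stands in for the padding
    a real scheme uses to fit the digest into the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Step 1b: the signer applies the private exponent to the digest.
    In RSA this is the same modular exponentiation as decryption, which is
    why it is loosely called 'encrypting with the private key'; it is a
    signing operation, not encryption: nothing here is kept secret."""
    return pow(message_digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Steps 3-6: apply the public exponent to the signature, recompute the
    digest from the received message, and compare. Verification is a
    comparison, not a decryption: a wrong signature simply yields a value
    that fails to match the recomputed digest."""
    recovered = pow(signature, e, n)
    return recovered == message_digest(message)


if __name__ == "__main__":
    msg = b"transfer 100 to alice"           # constructed sample message
    sig = sign(msg)
    print("valid signature accepted:", verify(msg, sig))
    print("modified message rejected:", verify(b"transfer 900 to alice", sig))
    print("modified signature rejected:", verify(msg, (sig + 1) % N))
```

In RSA the signing and decryption operations happen to share the same private-exponent arithmetic, which is where the misconception discussed in the comments comes from; signature schemes such as DSA, ECDSA or Ed25519 have no encryption operation at all, so the "encrypt with the private key" description cannot even be stated for them.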
