1

I have just learned Digital Signature and am trying to ensure that I have got my understanding of Digital Signature on the correct track.

Assume Alice wants to send a message (M) to Bob where the message is confidential , non-repudiation , integrity.

Alice has the public key ( Apub)

Alice has the private key (Apri)

Bob has the public key (Bpub)

Bob has the private key (Bpri)

The Hash Algorithm used is SHA-1

1) Alice will use Bob public key (Bpub) to encrypt Message (M) to get CipherMessage (CM)

2) Alice will sign on the Message(M) by hashing the Message(M) and encrypting it with her private key (Apri) to get Signature (s)

3) Alice will send CipherMessage (CM) & Signature (S) to Bob

4) Bob will use his private key (Bpub) to decrypt the CipherMessage (CM ) to get back Message ( M )

5) Bob will use Alice Public key (Apub) to decrypt the Signature to get the Hash Message (HM)

6) Bob will hash the Message (M) to get Hash Message (HM)

7) Bob will compare the two values of HM , if they are identical , Bob can be assured of confidentiality , message integrity and non-repudiation.

I am wondering if this is how digital signatures work in general ???

Computernerd
  • 2,401
  • 9
  • 24
  • 30
  • 1
    I believe you should read the answers for [How to Achieve Non-repudiation](http://security.stackexchange.com/questions/1786/how-to-achieve-non-repudiation) and [Trying to Understand RSA and its Terminology](http://security.stackexchange.com/questions/68822/trying-to-understand-rsa-and-its-terminology) – RoraΖ Oct 21 '14 at 11:30

1 Answers1

1

Be careful, you should not confuse keys used for encryption/decryption and keys used for signature, since there usage is different. So the key couple A-pub/A-priv is used for signature only, while the key couple B-pub/B-priv is used for encryption only. Be also careful that you should sign the ciphertext and not the plaintext, otherwise having the hash of the plaintext send along with the ciphertext is pretty bad. Likewise, having B deciphering the message before being able to check the signature is bad.

Thus:

  • Alice should hash the ciphertext, not the plaintext, and sign with her private key (A-priv) the hash of the ciphertext

  • Bob will first use Alice public key (A-pub) to verify the signature of the message by comparing it with the hash of the ciphertext. If the signature is valid, Bob will then use his own private key (B-priv) to decipher the message.

(you also have a typo at you point 4)

Dillinur
  • 468
  • 3
  • 7