Digital Signatures

One of the key technologies helping to make certificates work is digital signatures. A digital signature is basically a one-way hash of the message, or of whatever is being signed, that is then encrypted using the private key of the signer. The recipient of the message creates his or her own one-way hash of the message, decrypts the signature hash using the signer's public key, and compares the two hashes. If the hashes match, the signature is valid, and the message hasn't been altered or tampered with since being signed. This process is illustrated in Figure 1.6.

Figure 1.6. The digital signature process.


One-Way Hash

A one-way hash is like a fingerprint of a message or other object. Several algorithms can be used to generate a one-way hash, each producing a different hash value. If any change, no matter how small, is made to the original message, the resulting hash value will be different.

A key aspect of a one-way hash is that there is no way to re-create the original message from the hash value; the hash algorithms are designed to make this impossible.


Digital signatures are used not only for validating digital messages; they are also a key technology for verifying the sender of a message. For any message that needs to guarantee who sent it, and that it hasn't been modified or tampered with in any way, the use of digital signatures is crucial.
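The hash, sign, and compare steps described above, as an added example that is not from the original text. It assumes SHA-256 as the one-way hash and textbook RSA with a constructed toy key built from two publicly known Mersenne primes; all function names are hypothetical, and real signature schemes add padding (such as RSA-PSS) and use secret, randomly generated primes.

```python
import hashlib

# Constructed toy key pair. P and Q are well-known Mersenne primes, so this
# "private" key is public knowledge and must never be used for real signing.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """One-way hash of the message, as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Signer: hash the message, then transform the hash with the private key."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recipient: recover the signed hash with the public key, hash the
    received message independently, and compare the two hashes."""
    recovered_hash = pow(signature, E, N)
    return recovered_hash == digest(message)


def differing_bits(a: bytes, b: bytes) -> int:
    """Number of hash bits that differ between two messages."""
    return bin(digest(a) ^ digest(b)).count("1")


if __name__ == "__main__":
    original = b"Pay Alice 100 dollars"   # constructed sample message
    tampered = b"Pay Alice 900 dollars"   # one character changed
    sig = sign(original)
    print("original verifies:", verify(original, sig))
    print("tampered verifies:", verify(tampered, sig))
    print("hash bits changed by one character:",
          differing_bits(original, tampered), "of 256")
```

Running it shows the signature validating for the original message, failing for the copy with one character changed, and a large share of the 256 hash bits flipping for that single-character edit.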
