Basic principles of digital signature work

Let us know here in this post some basic principles about digital signature and know why it is so important these days.

Let’s assume that two people Luka and Petar want to exchange signed messages (data) ie. they want to be sure of the identity of the person from whom they received the message. First of all, both people create a couple of complementary keys, a public digital key and a secret digital key. It is important to emphasize that by knowing the public key digital, the secret key can not be calculated at any reasonable time (the time required to calculate a secret key from a known public key digital, that is, breaking the code, is measured by millions of years at today’s most powerful computers). After creating the keys, Luka and Petar exchange their public keys, and then Luke uses his secret key to encrypt the message summary that he calculated from one of the “Hash” functions.

Hash function is a function that calculates a fixed length from the default message (data). When Petar succeeds in decrypting the message summary with the public key of Luke, he also counts the summary of the received message, which then compares with the precisely decoded, and if the calculation is made equal to that decoded, the recipient can be sure of the origin of the message (data) encrypted only by Lukin’s secret key, as well as the integrity of the message.

The role of a confidential customer

The problem described is solved in a way to introduce a “confidential party”. The assumption is that trusted parties are trusted by all other parties, and that they carry their public keys personally to sign, with the PS first checking their usual “physical” documents. In this case, the PS uses its secret key for signing a public key, thus guaranteeing all other validity of the signed public key.

There is another option, which is that PS generates a couple of keys, and with the prior physical authentication, allocates the keys. In this case, anyone who would like to check the validity of a person’s signature would have to find the public key of that person in the public keys (stored by PS) and then try to decrypt the received data with that key. The disadvantage of this other model is that in that case PS also possesses secret keys, which represents a significant security problem if the same key pair is used except for signing and for encrypting data.

Signatures and laws

Legislation  do not specify any signing technology as dominant, but only make regulations that each technology must adhere to. First of all, digital signatures are expected to be unique to the person who uses it; secondly, to verify who belongs to it or whether it really belongs to the person who used it, thirdly, that it is in full control of the person who uses it, the fourth, that confirms itself and the data it signs.
Already from this we see that there is a considerable advantage of digital signature over classic authentication methods. The biggest advantage is that the validity of the signature is checked each time the document is received, as opposed to the classic signatures that are checked only in court, when the fraud has already been played. In addition to this advantage, there is another significant advantage.

Which is the inability to subsequently modify the signed document, as well as the inability to sign empty documents. However, if the counterfeiter succeeds in reaching the secret key, then without any problems he can falsify the data without the slightest possibility of determining the difference of such a signature from the true signature, which is not the case with classical methods.

A few cryptographic algorithms are protected by various patents. For example, The most widespread asymmetric cryptographic algorithm, the RSA, was patented for 17 years until September 2000, and the Diffie-Hellman protocol, the same very important protocol, was expired in April 1997.

Unfortunately, these are not the only such examples as the only problems in wider application of cryptographic algorithms. Manufacturers of cryptographic software (s) have been forced to produce two or even three different versions of the same software package in order to comply with all export and patent regulations; the ban on the export of cryptographic software from the United States with a key longer than 40 bits was in force until the end of 1999, so that, for example, NAI (Network Associates) was forced to have two versions of its PGP program, one for the US market and the other for the international market.

However, both versions used “strong” encryption by using a “hole” in the US law prohibiting the export of software in binary form, but not the source code on the paper. In addition to this, there was a problem with the patented RSA algorithm, so the US versions did not use the same version as the international version. both versions used “strong” encryption by using a “hole” in the US law prohibiting software exports in binary form but not the source code on paper.

In addition to this, there was a problem with the patented RSA algorithm, so the US versions did not use the same version as the international version. both versions used “strong” encryption by using a “hole” in the US law prohibiting software exports in binary form but not the source code on paper. In addition to this, there was a problem with the patented RSA algorithm, so the US versions did not use the same version as the international version.
A similar problem occurs with the emergence of a new US Digital Signature Standard (DSS, 1994), because the parts of the used algorithm (which are not patented by themselves) are under patent protection by a similar algorithm based on discrete logarithms. This example, however, emerges from many others precisely because it is a standard that is obligatory to use all US state institutions; In other words this patent is likely to be felt by American taxpayers on their own pocket.
Finally, we also mention the ban on the export of any cryptographic software to countries like Iraq, North Korea or Cuba.

See too:

Handy Tecnologia

Deixe uma resposta

O seu endereço de email não será publicado. Campos obrigatórios marcados com *