Security Basics mailing list archives
Re: Digital signature Question
From: Florian Streck <streck () papafloh de>
Date: Fri, 7 Nov 2003 00:30:46 +0100
On Thu, Nov 06, 2003 at 12:53:02PM -0600, Roger A. Grimes wrote:
It's that time of the month again, when I gain weight, retain water, and feel stressed...it's time for me to bug the fine folks of this list with my seemingly monthly question about public/private crypto stuff. I've asked a few questions over the months and the excellent responses have been overwhelming. I always get my answer (and enough wrong replies to make me realize that I'm not the only one still trying to understand crypto even after ten years in the security field). So, thanks in advance to anyone who answers. Main Question: When I hash a message to authenticate it, and then encrypt the hash result with a private key to make a digital signature, is the private key I'm using at that point (normally) a shared symmetric private key or my private key from my private/public key pair? I see many web sites (ex. www.whatis.com, and many others saying) that a digital signature is made when the user uses their CA assigned private key to encrypt the hash result. But my understanding has always been that private/public key crypto exists mainly to transport the more secure shared symmetric private key that does the original signing/encrypting.
First important fact is that symetric algorithms ( at least the ones in use) are much faster than asymetric ones AFAIK. If I want to sign a hash there is very little data to be signed so there is not much time to be saved. That means there is no reason to use a symetric key, that would have to be transported to the destination in a secure way (asuming that I haven't sent my mailing partner a CD or Floppy with the key) which would require to encrypt that key with the public part of the asymetric key of my partner. My conclusion, without knowing if it really is implemented that way (but hoping): Signing is done with your private key from your private/public keypair. Another thing is encrypting mails. Since you might have a very long mail it makes sense to use a fast algorithm, which means a symetric one. Therefore you generate a key for that symetric algorithm, encrypt the mail, and then, encrypt that symetric key with the public key of the recipient. So the slow asymetric method is used on very little data. Another effect is that you might want to send your encrypted mail to a group of people and the additional work is just to encrypt that symetric key for every recipient. This makes the process very fast compared to the variant where you have to encrypt the mail with a different public key for every recipient. I hope I could help you with my answer. And if I got it wrong I hope that there is a crypto-guru on this list to correct my errors. Florian Streck -- FORTUNE'S RULES TO LIVE BY: #23 Don't cut off a police car when making an illegal U-turn.
Attachment:
_bin
Description:
Current thread:
- Digital signature Question Roger A. Grimes (Nov 06)
- Re: Digital signature Question Byron Sonne (Nov 07)
- Re: Digital signature Question Hollis Johnson (Nov 07)
- RE: Digital signature Question David Gillett (Nov 07)
- RE: Digital signature Question Stephen Glenn (Nov 07)
- Re: Digital signature Question Florian Streck (Nov 07)
- Re: Digital signature Question Francisco Andrades (Nov 07)
- <Possible follow-ups>
- RE: Digital signature Question Stephen Glenn (Nov 07)
- Re: Digital signature Question N407ER (Nov 24)