Security Basics mailing list archives
Re: newbie: what does "sign the message digest" mean?
From: "Vinod Gadgoli" <vinod.infosec () gmail com>
Date: Thu, 22 Jun 2006 15:39:32 +1000
Hi Ravi, There are two kinds of cryptography 1. Symmetric Key - In which same key is used for both encryption and decryption. this key is shared between the sender and the receiver. The sender and receiver exchanges these keys in a secure manner as acceptable to both the parties. 2. Asymmetric key cryptography it uses two keys, one is called public key and the other is called private key. Either one can be used for encryption/decryption, and the other key is used for the reverse operation. for example, if u encrypt a message using public key then it can be decryped using private key (providing confidentiality) if u encrypt using ur private key, u can only decrypt the message using public key. In this case it provides authenticity to the messange (No confidentiality, bcoz public keys are displayed publicly on users home page etc.) In short, signing means encrypting the message using ur private key. HTH On 6/15/06, Ravi Malghan <rmalghan () yahoo com> wrote:
Hi: I am very new to cryptography. I am reading a book and donot seem to understand the meaning of "sign the message digest" even after reading the chapter several times. Below is what the book describes A sender wants to send a message called "Message" securly 1. sender computes the message digest for "Message". 2. sender signs the message digest and attaches the resulting digital signature plus the certificate to the message. The result is Signed Message + Sender Certificate + Signature 3. sender then encrypts the result from step 2 with a random session key . . and so on What does the Step 2 mean. I understand what is computing a message digest. 1. But don't understand what is "signs the message digest". 2. How is "Signed Message" different from "Message" 3. What is a Signature? Can someone explain? Thanks Ravi __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
-- Vinod Gadgoli Systems Security Engineer (MS Information Security) --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- newbie: what does "sign the message digest" mean? Ravi Malghan (Jun 14)
- Re: newbie: what does "sign the message digest" mean? Ansgar -59cobalt- Wiechers (Jun 15)
- Re: newbie: what does "sign the message digest" mean? Vinod Gadgoli (Jun 22)
- <Possible follow-ups>
- Re: newbie: what does "sign the message digest" mean? simonis (Jun 15)
- Re: newbie: what does "sign the message digest" mean? Aaron Rohyans (Jun 15)