Security Basics mailing list archives

RE: Digital signature Question


From: "Stephen Glenn" <praetorian () mistral co uk>
Date: Thu, 6 Nov 2003 23:10:35 -0000

Roger

I have just been involved in an Identrus PKI accreditation process for a
major financial institution. I am also involved in the BACS (UK clearing
system) and their move to an IP-based system using PKI. As such I have had
to gen up on the whole PKI world and this is my understanding.

The data to be hashed should be visible to the user who wants to sign the
data and it should be hashed on the same machine the user is using to make
sure that the hash is actually created from the correct data.

So the hashing algorithm is run against the data and creates the hash.

The hash is then signed by the private key. This is the private key of the
public/private key pair used to create the certificate request
normally sent to the CA. In the Identrus world the keys are generated on a
smart card applet and the requests (a utility and an identity one) are sent
to the Participant CA for creation of the digital certificates. The
resultant Identity and Utility certificates are then stored on the smart
card in addition to the participant certificate and the Identrus Root
certificate. These certificates are included to create trust to the top of
the pyramid, in this case Identrus. The private key is protected on the smart
card by a PIN.

All this happens before any transactions can happen with the card.

When a user logs on to a site and is prompted to sign a piece of data for
non-repudiation or whatever reason, the user should verify that the data he
is about to sign is correct and then the accredited software will create the
hash and sign it with the private key after prompting the user to enter the
PIN which protects the private key. This normally happens under an SSL
session and although in the Identrus realm the utility key can be used for
session encryption most institutions still just use 128 SSL browser based
encryption.

Hope this helps; it is a complicated area. I may have some good slides which
may explain it better than this posting. Drop me a mail if you are
interested.

Cheers

Stephen Glenn

-----Original Message-----
From: Roger A. Grimes [mailto:rogerg () cox net]
Sent: 06 November 2003 18:53
To: security-basics () securityfocus com
Subject: Digital signature Question


It's that time of the month again, when I gain weight, retain water, and
feel stressed...it's time for me to bug the fine folks of this list with my
seemingly monthly question about public/private crypto stuff.  I've asked a
few questions over the months and the excellent responses have been
overwhelming.  I always get my answer (and enough wrong replies to make me
realize that I'm not the only one still trying to understand crypto even
after ten years in the security field).  So, thanks in advance to anyone who
answers.

Main Question:  When I hash a message to authenticate it, and then encrypt
the hash result with a private key to make a digital signature, is the
private key I'm using at that point (normally) a shared symmetric private
key or my private key from my private/public key pair?

I see many web sites (ex. www.whatis.com, and many others saying) that a
digital signature is made when the user uses their CA assigned private key
to encrypt the hash result.  But my understanding has always been that
private/public key crypto exists mainly to transport the more secure shared
symmetric private key that does the original signing/encrypting.

Hence, I think the answer is that the message hash is signed by the shared
symmetric private key and that key is then signed by the sender's private
key from the sender's private/public key pair.  Am I correct?

If so, when is the digital signature made?  At what point...when it is
signed by the symmetric private key or by the private key from the
private/public key pair?

Roger

********************************************************************************
*Roger A. Grimes, Computer Security Consultant
*CPA, MCSE:Security (NT/2000/2003), CNE (3/4), A+
*email: rogerg () cox net
*cell: 757-615-3355
*Author of Malicious Mobile Code:  Virus Protection for Windows by O'Reilly
*http://www.oreilly.com/catalog/malmobcode
*Author of upcoming Honeypots for Windows (Apress)
********************************************************************************
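
The hash-then-sign flow discussed in this thread, as an added example that is not part of either poster's message: the data is hashed and signed with the private key of the asymmetric pair, verified with the public key alone, and contrasted with a shared-key MAC. It uses only Node's built-in `crypto` module; the function names, the in-memory RSA key (standing in for the smart-card key) and the sample payment strings are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Signer's key pair, generated in memory for this example. In the thread's
// scenario the pair is generated on the smart card instead.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hash-then-sign: SHA-256 digest of the data, signed with the private key of
// the asymmetric pair (RSA PKCS#1 v1.5). No symmetric key is involved.
function signData(message, signerPrivateKey) {
  return crypto.sign('sha256', message, signerPrivateKey);
}

// The verifier holds only the public key, normally taken from the certificate.
function verifyData(message, signature, signerPublicKey) {
  return crypto.verify('sha256', message, signerPublicKey, signature);
}

// Holding the public key is not enough to create a signature.
function canSignWith(key) {
  try { crypto.sign('sha256', Buffer.from('x'), key); return true; } catch (e) { return false; }
}

// Contrast: a MAC uses one shared symmetric key, so the party that checks a
// tag can also create one. That authenticates but gives no non-repudiation.
function macTag(message, sharedKey) {
  return crypto.createHmac('sha256', sharedKey).update(message).digest();
}
function verifyMac(message, tag, sharedKey) {
  const expected = macTag(message, sharedKey);
  return tag.length === expected.length && crypto.timingSafeEqual(tag, expected);
}

function demo() {
  const data = Buffer.from('Pay 100.00 GBP to account 12345678');     // constructed sample
  const altered = Buffer.from('Pay 900.00 GBP to account 12345678');  // constructed sample
  const signature = signData(data, privateKey);
  const sharedKey = crypto.randomBytes(32);
  return {
    signatureBytes: signature.length,                      // modulus size in bytes
    validOriginal: verifyData(data, signature, publicKey),
    validAltered: verifyData(altered, signature, publicKey),
    publicKeyCanSign: canSignWith(publicKey),
    // The receiver builds a tag for altered data and it checks out as genuine.
    receiverMadeTagAccepted: verifyMac(altered, macTag(altered, sharedKey), sharedKey),
  };
}

console.log(demo());
```
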

