Security Basics mailing list archives
RE: Digital signature Question
From: "Stephen Glenn" <praetorian () mistral co uk>
Date: Thu, 6 Nov 2003 23:10:35 -0000
Roger I have just been involved in an Identrus PKI accreditation process for a major financial institution. I am also involved in the BACS (UK clearing system) and their move to an I/p based system using PKI. As such I have had to gen up on the whole PKI world and this is my understanding. The data to be hashed should be visible to the user who wants to sign the data and it should be hashed on the same machine the user is using to make sure that the hash is actually created from the correct data. So the hashing algorithm is run against the data and creates the hash. The hash is then signed by the private key. This is the private key of the of the public/private key pair used to create the certificate request normally sent to the CA. In the Identrus world the keys are generated on a smart card applet and the requests (a utility and an identity one) are sent to the Participant CA for creation of the digital certificates. The resultant Identity and Utility certificates are then stored on the smart card in addition to the participant certificate and the Identrus Root certificate. These certificates are included to create trust to the top of the pyramid in this case Identrus. The private key is protected on the smart card by a pin. All this happens before any transactions can happen with the card. When a user logs on to a site and is prompted to sign a piece of data for non-repudiation or whatever reason, the user should verify that the data he is about sign is correct and then the accredited software will create the hash and sign it with the private key after prompting the user to enter the pin which protects the private key. This normally happens under an SSL session and although in the Identrus realm the utility key can be used for session encryption most institutions still just use 128 SSL browser based encryption. Hope this helps it is complicated area. I may have some good slides which may explain it better than this posting. Drop me a mail if your are interested. Cheers Stephen Glenn -----Original Message----- From: Roger A. Grimes [mailto:rogerg () cox net] Sent: 06 November 2003 18:53 To: security-basics () securityfocus com Subject: Digital signature Question It's that time of the month again, when I gain weight, retain water, and feel stressed...it's time for me to bug the fine folks of this list with my seemingly monthly question about public/private crypto stuff. I've asked a few questions over the months and the excellent responses have been overwhelming. I always get my answer (and enough wrong replies to make me realize that I'm not the only one still trying to understand crypto even after ten years in the security field). So, thanks in advance to anyone who answers. Main Question: When I hash a message to authenticate it, and then encrypt the hash result with a private key to make a digital signature, is the private key I'm using at that point (normally) a shared symmetric private key or my private key from my private/public key pair? I see many web sites (ex. www.whatis.com, and many others saying) that a digital signature is made when the user uses their CA assigned private key to encrypt the hash result. But my understanding has always been that private/public key crypto exists mainly to transport the more secure shared symmetric private key that does the original signing/encrypting. Hence, I think the answer is that the message hash is signed by the shared symmetric private key and that key is they signed by the sender's private key from the sender's private/public key pair. Am I correct? If so, when is the digital signature made? At what point...when it is signed by the symmetric private key or by the private key from the private/public key pair? Roger **************************************************************************** **** *Roger A. Grimes, Computer Security Consultant *CPA, MCSE:Security (NT/2000/2003), CNE (3/4), A+ *email: rogerg () cox net *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly *http://www.oreilly.com/catalog/malmobcode *Author of upcoming Honeypots for Windows (Apress) **************************************************************************** ***** --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Digital signature Question Roger A. Grimes (Nov 06)
- Re: Digital signature Question Byron Sonne (Nov 07)
- Re: Digital signature Question Hollis Johnson (Nov 07)
- RE: Digital signature Question David Gillett (Nov 07)
- RE: Digital signature Question Stephen Glenn (Nov 07)
- Re: Digital signature Question Florian Streck (Nov 07)
- Re: Digital signature Question Francisco Andrades (Nov 07)
- <Possible follow-ups>
- RE: Digital signature Question Stephen Glenn (Nov 07)
- Re: Digital signature Question N407ER (Nov 24)