Page 314 - DCAP103_Principle of operating system
P. 314

Unit 9: System Security



                                                                                                  Notes

                            Digital Signatures and Public Key Cryptography


                  ignatures  on  documents  in  the  real  world  are  the  specialized  or  unique  mark  or
                  impression made by the person with the help of ink. It is assumed that no two persons
             Swould have the same signature. The signature of a person on the document implies
             that the document is attributed to him. Signature are made by the person to authenticate the
             documents. ‘The authenticity of many legal, financial and other documents is determined by
             the presence or absence of an authorized handwritten signature. For computerized message
             systems to replace the physical medium of paper and ink documents, a solution must be
             found to the problem of authenticating the messages. The solution to this problem in digital
             media is called Digital Signature.

             Relating Digital Signatures with Public Key Cryptography
             As we have seen in the public cryptographic system, a sender encrypts the message using
             the receiver’s public key. The encrypted message is then decrypted by the receiver’s private
             key. Digital Signatures are based on the same concept but the difference is that the sender
             encrypts the message with its private key and the receiver decodes it with the sender’s public
             key. Thus the mechanism of public key cryptography is reversed in the implementation of
             digital signature system. The signer or sender encodes the document with his own private
             key. This allows anyone with his public key to decode the document. Since the documents can
             be decoded with his public key, and he is the only one who has access to the corresponding
             private key, everyone knows that he really did encode (sign) it. This proves the authenticity
             and the integrity of the document.
             The sender or the signer (A) of a document (D) will sign the document in the following ways:
               1.  Encrypt document (D) with the private key of sender (A).
               2.  Cipher text produced in the step 1, is thus the signed document 3.
               3.  The receiver (B) of the cipher text will decrypt it using the public key of sender (A).
             The sender publishes his public key to all the potential recipients of a document signed by
             him. The private key of the sender remains with the sender thus, only he will be able to
             encrypt the document with this key. Only the receiver who has the public key of the sender
             will be able to decrypt the document. This serves the purpose of a digital signature. Therefore,
             we may define the digital signature as follows:
             Digital Signature represents that way of document encryption or public key cryptography,
             in which the documents are encrypted by the private key of the signer and decrypted by
             the receiver using the public key of the signer.

              Questions:
               1.  What are digital signatures?
               2.  What is the relationship of Digital signatures with Public Key Cryptography?


            Self Assessment


            Fill in the blanks:
               5.  .................... is the science of writing in secret code.

               6.  Secret key cryptography uses a single key for both .................... and decryption.



                                             LOVELY PROFESSIONAL UNIVERSITY                                   307
   309   310   311   312   313   314   315   316   317   318   319