Page 243 - DCAP403_Operating System
(b) Encrypt the digest using X's private key [digital signature].
(c) Combine the plain text (X's message) with the signature, and send it to person 'Y' through the Internet.
2. To receive the message (Y receives)
(a) Decrypt the 'digital signature' with X's public key.
(b) Calculate the message digest using the hash function. [Person Y uses the same hash function as person X, which was agreed upon beforehand.]
(c) Compare the two message digests, the calculated one and the decrypted one.
(d) If both message digests are the same (the one sent by X and the one generated by Y), then the message is authentic; if not, the signature or the message has been tampered with.
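The send and receive steps above, written out as an added example that is not part of the original notes. It uses textbook RSA on a constructed toy key (two Mersenne primes, no padding) and assumes SHA-256 as the agreed hash function; all function names are illustrative.

```python
import hashlib

# Constructed toy key: two Mersenne primes, so N is larger than any
# SHA-256 digest. Textbook RSA without padding, to show the steps only.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                          # X's public key is (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))  # X's private exponent (Python 3.8+)


def digest(message: bytes) -> int:
    """Message digest with the agreed hash function (assumed: SHA-256)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Step 1(b): X encrypts the digest with the private key."""
    return pow(digest(message), D, N)


def send(message: bytes):
    """Step 1(c): the plain text and the signature travel together."""
    return message, sign(message)


def verify(message: bytes, signature: int) -> bool:
    """Steps 2(a)-(d): Y decrypts the signature with X's public key,
    recomputes the digest from the received text, and compares the two."""
    decrypted = pow(signature, E, N)       # 2(a)
    calculated = digest(message)           # 2(b)
    return decrypted == calculated         # 2(c), 2(d)


if __name__ == "__main__":
    msg, sig = send(b"Pay Y 100 rupees")   # constructed sample message
    print("untouched message :", verify(msg, sig))
    print("altered message   :", verify(b"Pay Y 900 rupees", sig))
    print("altered signature :", verify(msg, sig ^ 1))
```

The message itself crosses the network unencrypted in `send`, which is the privacy limitation the notes describe.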
12.9.2 Advantages of Digital Signature
Unauthorized persons can access the public key of person 'X', but cannot have his (X's) hash function, which makes the digital signature authentic.
Disadvantages: As the body of the message is sent as plain text, privacy is not maintained. To overcome this difficulty when privacy is important, one could use a symmetric algorithm for the plain text.
12.10 Digital Certificate
Digital certificates, or certs, simplify the task of establishing whether a public key truly belongs to the purported owner. A certificate is a form of credential. Examples might be your driver's license, your passport, or your birth certificate. Each of these has some information on it identifying you and some authorization stating that someone else has confirmed your identity. Some certificates, such as your passport, are important enough confirmation of your identity that you would not want to lose them, lest someone use them to impersonate you.
A digital certificate is data that functions much like a physical certificate. A digital certificate is information included with a person's public key that helps others verify that a key is genuine or valid. Digital certificates are used to thwart attempts to substitute one person's key for another.
A digital certificate consists of three things:
1. A public key
2. Certificate information ("Identity" information about the user, such as name, user ID and so on)
3. One or more digital signatures (of the CA)
The purpose of the digital signature on a certificate is to state that the certificate information has been attested to by some other person or entity. The digital signature does not attest the authenticity of the certificate as a whole; it vouches only that the information which the certifying authority has signed goes along with, or is bound to, the public key listed in the certificate.
The basic aim is to conduct secure and safe electronic transactions. Asymmetric cryptography allows a merchant to distribute his public key to all his correspondents, for example by e-mail or server, while keeping the private key secure (confined to himself only). But these key pairs can be generated by anyone: a third person may generate a pair of keys and send that public key to the merchant's correspondents, claiming that it has come from the merchant. This allows the third person or party to forge messages in the name of the merchant. This is where a "certificate authority" comes into existence.
236 LOVELY PROFESSIONAL UNIVERSITY