Page 249 - DCAP311_DCAP607_WIRELESS_NETWORKS

Unit 14: Authentication





          • Hash value is encrypted with the sender's private key.
          • Encrypted hash value is appended to the message as a digital signature.
          • Message is sent.
          The following figure 14.13 shows the sequence of verifying with the addition of the supporting
          elements of public key cryptography.

                           Figure 14.12: Sequence of signing Public Key Cryptography

















          Source: http://technet.microsoft.com/en-us/library/aa998077(v=exchg.65).aspx
          • Message is received.
          • Digital signature containing encrypted hash value is retrieved from the message.
          • Message is retrieved.
          • Hash value of the message is calculated.
          • Sender's public key is retrieved.
          • Encrypted hash value is decrypted with the sender's public key.
          • Decrypted hash value is compared against the hash value produced on receipt.
          • If the values match, the message is valid.
          The sequence shows how public key cryptography provides the capabilities that give a digital
          signature its core security services: authentication, nonrepudiation, and data integrity.
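
          The signing and verifying sequences above, as an added example that is not part of the original text. It assumes SHA-256 as the hash, raw modular exponentiation as the private-key and public-key operation, and a constructed toy key built from two Mersenne primes; the names sign, verify and tamper are hypothetical.

```python
import hashlib
import hmac

# Constructed toy key pair (assumption): two Mersenne primes, chosen only so the
# example needs no key-generation code. Not a usable key.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent
SIG_LEN = (N.bit_length() + 7) // 8         # fixed signature size in bytes


def digest_int(message: bytes) -> int:
    """Hash the message and interpret the digest as an integer below N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> bytes:
    """Sender: hash, transform the hash with the private key, append it."""
    signature = pow(digest_int(message), D, N)
    return message + signature.to_bytes(SIG_LEN, "big")


def verify(signed: bytes) -> bool:
    """Receiver: split off the signature, recover the hash with the public key,
    and compare it with a hash computed locally over the received message."""
    if len(signed) < SIG_LEN:
        return False                        # too short to carry a signature
    message, sig_bytes = signed[:-SIG_LEN], signed[-SIG_LEN:]
    signature = int.from_bytes(sig_bytes, "big")
    if signature >= N:
        return False                        # not a valid value modulo N
    recovered = pow(signature, E, N).to_bytes(SIG_LEN, "big")
    computed = digest_int(message).to_bytes(SIG_LEN, "big")
    return hmac.compare_digest(recovered, computed)


def tamper(signed: bytes) -> bytes:
    """Flip one bit in the first message byte, leaving the signature intact."""
    return bytes([signed[0] ^ 0x01]) + signed[1:]


if __name__ == "__main__":
    signed = sign(b"Transfer 100 to account 42")   # constructed sample message
    print("untouched:", verify(signed))
    print("tampered: ", verify(tamper(signed)))
```

          Deployed signature schemes wrap the hash in a padding format such as RSASSA-PSS and use randomly generated keys from a vetted library; the bare exponentiation here only mirrors the steps listed above.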

          14.4.4 Public Key Cryptography and Message Encryption

          Unlike digital signatures, the relationship between public key cryptography and message
          encryption is generally more straightforward, because encryption is a core function of public
          key cryptography. However, message encryption is not accomplished by only encrypting and
          decrypting the message using the key pair. The key pair is used in message encryption, but not
          for the entire message.

          Because the goal of message encryption is to ensure that only authorized recipients can view the
          message, the private key of each recipient is suited to provide that service. Because the private
          key can only be successfully used by its owner, the use of the key during the reading of a message
          ensures that the owner of that key, and only the owner of that key, can read the message. This
          capability provides the confidentiality that underlies message encryption. Further, because the
          public key can be distributed widely, it allows any number of people to send information to a
          single private key holder.

          However, the key pair is not used on the entire message. This is because the encryption and
          decryption operation using a key pair is an expensive process, due to the necessary complexity
          of the keys' algorithms. Although a key pair needs to be used, it does not necessarily have to




                                           LOVELY PROFESSIONAL UNIVERSITY                                   243