Hi every body.
It has been a long a while since i last posted, when this side used to be cisco net pro.
I was reading about digital signature in my book.
Here is what my book says:
" First the information is put through a message digest or hash function. The hash function creates a checksum of the information. Thischecksum is then encryptyed by user's private key. The information and the encrypted checksum aresent to the receiverof the information"
I just want to know if the information is also encrypted by the private key by sender? My book does not hint aboput it. All it says the checksum is encrypted by private key which is then sent along with information to receiver. It is not cleared if the information is also encrypted or not.
Thanks and have a nice weekend.
Digital signature is not intended for confidentiality. It is only intended for data integrity (the data has not been changed since it was signed) and for non-repudiation (somebody can't say that they didn't send you the data). Therefore the data is not encrypted. If you need confidentiality so that nobody with a network capture utility can see the data, then you would need to use encryption.
For digital signature, the sender (signer) signs the data with his/her private key and the receiver verifies the signature with the sender's public key. If the checksum can be decrypted with the sender's public key, then it must have been encrypted using the sender's private key (non-repudiation).
For data encryption, the sender uses the receiver's public key to encrypt the data. The only key that can now be used to decrypt the data is the receiver's private key. Hence only the receiver can decrypt the data.
Hope this helps,