cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2859
Views
0
Helpful
3
Replies

digital signature

sarahr202
Level 5
Level 5

Hi  every body.

It has been a long a while since i  last posted, when this side used to be cisco net pro.

I  was reading about digital signature in my book.

Here is what my book says:

"   First the information is put through a message digest or hash function. The hash function creates a checksum of the information. Thischecksum is then encryptyed by user's private key. The information and the encrypted checksum  aresent to the receiverof the information"

I just want to know if the information is also encrypted by the private key by sender?   My book does not hint aboput it. All it says the checksum is encrypted by private key which is then sent along with information to receiver. It is not cleared  if the information is also encrypted or not.

Thanks  and have a nice weekend.

1 Accepted Solution

Accepted Solutions

Sean Merrow
Level 4
Level 4

Hello,

Digital signature is not intended for confidentiality.  It is only intended for data integrity (the data has not been changed since it was signed) and for non-repudiation (somebody can't say that they didn't send you the data).  Therefore the data is not encrypted.  If you need confidentiality so that nobody with a network capture utility can see the data, then you would need to use encryption.

For digital signature, the sender (signer) signs the data with his/her private key and the receiver verifies the signature with the sender's public key.  If the checksum can be decrypted with the sender's public key, then it must have been encrypted using the sender's private key (non-repudiation).

For data encryption, the sender uses the receiver's public key to encrypt the data.  The only key that can now be used to decrypt the data is the receiver's private key.  Hence only the receiver can decrypt the data.

Hope this helps,

Sean

View solution in original post

3 Replies 3

Sean Merrow
Level 4
Level 4

Hello,

Digital signature is not intended for confidentiality.  It is only intended for data integrity (the data has not been changed since it was signed) and for non-repudiation (somebody can't say that they didn't send you the data).  Therefore the data is not encrypted.  If you need confidentiality so that nobody with a network capture utility can see the data, then you would need to use encryption.

For digital signature, the sender (signer) signs the data with his/her private key and the receiver verifies the signature with the sender's public key.  If the checksum can be decrypted with the sender's public key, then it must have been encrypted using the sender's private key (non-repudiation).

For data encryption, the sender uses the receiver's public key to encrypt the data.  The only key that can now be used to decrypt the data is the receiver's private key.  Hence only the receiver can decrypt the data.

Hope this helps,

Sean

Thanks Sean.

Digital signatures are created online and applied to online documents, rather than using a pen to write your signature physically (also known as a “wet signature”). Digital signatures provide an extra level of security by using technology that encrypts the signature, verifying the identity of the person signing for digital buscado marketing seo.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: