Ques1:- Real world scenario of Cryptography?

Cryptography is the study of secure communications techniques that

allow only the sender and intended recipient of a message to view its
contents. The term is derived from the Greek word kryptos, which
means hidden. It is closely associated to encryption, which is the act
of scrambling ordinary text into what’s known as ciphertext and
then back again upon arrival. In addition, cryptography also covers
the obfuscation of information in images using techniques such as
microdots or merging.

Authentication/Digital Signatures:

Authentication is any process through which one proves and verifies

certain information. Sometimes one may want to verify the origin of
a document, the identity of the sender, the time and date a
document was sent and/or signed, the identity of a computer or
user, and so on. A digital signature is a cryptographic means through
which many of these may be verified. The digital signature of a
document is a piece of information based on both the document and
the signer’s private key.

Electronic Money:
The definition of electronic money (also called electronic cash or
digital cash) is a term that is still evolving. It includes transactions
carried out electronically with a net transfer of funds from one party
to another, which may be either debit or credit and can be either
anonymous or identified. There are both hardware and software
implementations.

Encryption/Decryption in email:

Email encryption is a method of securing the content of emails from

anyone outside of the email conversation looking to obtain a
participant’s information. In its encrypted form, an email is no
longer readable by a human. Only with your private email key can
your emails be unlocked and decrypted back into the original
message.

Encryption in WhatsApp:

WhatsApp uses the ‘signal’ protocol for encryption, which uses a

combination of asymmetric and symmetric key cryptographic
algorithms. The symmetric key algorithms ensure confidentiality
and integrity whereas the asymmetric key cryptographic algorithms
help in achieving the other security goals namely authentication and
non-repudiation.

Ques2:- Threat and Vulnerability in Cryptography.

Threat

A cyber threat is a malicious act that seeks to steal or damage data or

discompose the digital network or system. Threats can also be defined as
the possibility of a successful cyber attack to get access to the sensitive data
of a system unethically. Examples of threats include computer
viruses, Denial of Service (DoS) attacks, data breaches, and even
sometimes dishonest employees.
Types of Threat
Threats could be of three types, which are as follows:
1. Intentional- Malware, phishing, and accessing someone’s account
illegally, etc. are examples of intentional threats.
2. Unintentional- Unintentional threats are considered human errors, for
example, forgetting to update the firewall or the anti-virus could make the
system more vulnerable.
3. Natural- Natural disasters can also damage the data, they are known as
natural threats.

Vulnerability:

In cybersecurity, a vulnerability is a flaw in a system’s design, security

procedures, internal controls, etc., that can be exploited by cybercriminals. In
some very rare cases, cyber vulnerabilities are created as a result
of cyberattacks, not because of network misconfigurations. Even it can be
caused if any employee anyhow downloads a virus or a social engineering
attack.
Types of Vulnerability
Vulnerabilities could be of many types, based on different criteria, some of
them are:
1. Network- Network vulnerability is caused when there are some flaws in
the network’s hardware or software.
2. Operating system- When an operating system designer designs an
operating system with a policy that grants every program/user to have full
access to the computer, it allows viruses and malware to make changes
on behalf of the administrator.
3. Human- Users’ negligence can cause vulnerabilities in the system.
4. Process- Specific process control can also cause vulnerabilities in the
system.
Ques3:-Cipher Text and Plain Text?

What is Plaintext?

Plaintext is simply the unencrypted form of a message. It is the

original message that you want to keep secure or confidential. It
could be anything from an email, a text message, a document, or any
other form of data that you want to protect. In plaintext form, the
message is easily readable, and anyone who intercepts it can easily
understand it.

What is Ciphertext?

Ciphertext, on the other hand, is the encrypted version of a plaintext

message. It is the result of applying an encryption algorithm to the
plaintext, which transforms it into an unreadable format. The
process of encryption involves scrambling the original message
using a secret key, making it indecipherable without the correct key.
Ciphertext looks like a string of random characters, and without the
correct key, it is impossible to read or understand.

Ques4: IDS and IPS with their types?

 IPS IDS

IPS is a control system that accepts and rejects a IDS is a detection and monitoring tool which do

packet based on the ruleset. not take action on their own.

IPS requires that the database to regularly updated IDS requires human or another system to examine

with new threat data.3 results.

It should be placed after the firewall device in a IDS should be placed after the firewall.

network.

IPS provides detection and reaction support. IDS provides decoupling detection and reaction

functionalities.

In IPS, configuration mode is an inline mode or as In IDS, configuration mode is the inline mode,

an end host. generally on layer 2.

Types of IDS:-
Network Intrusion Detection System (NIDS)

Network Intrusion Detection System sets up across the network at a

specific planned point. NIDS monitors the traffic on the network from all
devices. Similarly, it examines the traffic passing on the entire subnet
and verifies it with the packet metadata and content. If NIDS detects any
intrusion in the network, a warning alert is sent to the admin of that
network.
Host Intrusion Detection System (HIDS)

Organizations install a Host Intrusion Detection System (HIDS) on

independent networked devices. However, HIDS examines the incoming
and outgoing traffic of the device only. It detects suspicious activities on
the device and alerts the administrator. HIDS also checks whether
system files are misplaced or not, for that it takes the screen capture of
the current file system and verifies it with the screen capture of the
previous file system.

Protocol-based IDS (PIDS)

Organizations set up a Protocol-based Intrusion Detection

System at the front end of the server. It interprets the protocols
between the server and the user. PIDS monitors the HTTPS
server regularly to secure the web. Similarly, it allows the HTTP
server which is related to the protocol.

Types of IPS:-
1. Network-based intrusion prevention system (NIPS):
It monitors the entire network for suspicious traffic by analyzing protocol
activity.

2. Wireless intrusion prevention system (WIPS):

It monitors a wireless network for suspicious traffic by analyzing wireless
networking protocols.

3. Network behavior analysis (NBA):

It examines network traffic to identify threats that generate unusual traffic
flows, such as distributed denial of service attacks, specific forms of
malware and policy violations.

Host-based intrusion prevention system (HIPS):

It is an inbuilt software package which operates a single host for doubtful
activity by scanning events that occur within that host.
 Ques5:- What is PKI?

Public key infrastructure or PKI is the governing body behind issuing digital
certificates. It helps to protect confidential data and gives unique identities to
users and systems. Thus, it ensures security in communications.
The public key infrastructure uses a pair of keys: the public key and the private
key to achieve security. The public keys are prone to attacks and thus an intact
infrastructure is needed to maintain them.

Managing Keys in the Cryptosystem:

The security of a cryptosystem relies on its keys. Thus, it is important that we

have a solid key management system in place. The 3 main areas of key
management are as follows:
 A cryptographic key is a piece of data that must be managed by secure
administration.
 It involves managing the key life cycle which is as follows:

 Public key management further requires:

 Keeping the private key secret: Only the owner of a private key
is authorized to use a private key. It should thus remain out of
reach of any other person.
 Assuring the public key: Public keys are in the open domain
and can be publicly accessed. When this extent of public
accessibility, it becomes hard to know if a key is correct and what
it will be used for. The purpose of a public key must be explicitly
defined.
PKI or public key infrastructure aims at achieving the assurance of public key.
Public Key Infrastructure:

Public key infrastructure affirms the usage of a public key. PKI identifies a
public key along with its purpose. It usually consists of the following
components:
 A digital certificate also called a public key certificate
 Private Key tokens
 Registration authority
 Certification authority
 CMS or Certification management system

Working on a PKI:

Let us understand the working of PKI in steps.

 PKI and Encryption: The root of PKI involves the use
of cryptography and encryption techniques. Both symmetric and
asymmetric encryption uses a public key. The challenge here is – “how do
you know that the public key belongs to the right person or to the person
you think it belongs to?”. There is always a risk of MITM(Man in the middle).
This issue is resolved by a PKI using digital certificates. It gives identities
to keys in order to make the verification of owners easy and accurate.
 Public Key Certificate or Digital Certificate: Digital certificates are
issued to people and electronic systems to uniquely identify them in the
digital world. Here are a few noteworthy things about a digital certificate.
Digital certificates are also called X.509 certificates. This is because they
are based on the ITU standard X.509.
 The Certification Authority (CA) stores the public key of a user
along with other information about the client in the digital
certificate. The information is signed and a digital signature is also
included in the certificate.
 The affirmation for the public key then thus be retrieved by
validating the signature using the public key of the Certification
Authority.
 Certifying Authorities: A CA issues and verifies certificates. This authority
makes sure that the information in a certificate is real and correct and it
also digitally signs the certificate. A CA or Certifying Authority performs
these basic roles:
 Generates the key pairs – This key pair generated by the CA can
be either independent or in collaboration with the client.
 Issuing of the digital certificates – When the client successfully
provides the right details about his identity, the CA issues a
certificate to the client. Then CA further signs this certificate
digitally so that no changes can be made to the information.
  Publishing of certificates – The CA publishes the certificates so
that the users can find them. They can do this by either publishing
them in an electronic telephone directory or by sending them out
to other people.
 Verification of certificate – CA gives a public key that helps in
verifying if the access attempt is authorized or not.
 Revocation – In case of suspicious behavior of a client or loss of
trust in them, the CA has the power to revoke the digital certificate.

Ques5:- What is X.509?

X.509 digital certificate is a certificate-based authentication security

framework that can be used for providing secure transaction processing and
private information. These are primarily used for handling the security and
identity in computer networking and internet-based communications.

Working of X.509 Authentication Service Certificate:

The core of the X.509 authentication service is the public key certificate
connected to each user. These user certificates are assumed to be produced
by some trusted certification authority and positioned in the directory by the
user or the certified authority. These directory servers are only used for
providing an effortless reachable location for all users so that they can acquire
certificates. X.509 standard is built on an IDL known as ASN.1. With the help
of Abstract Syntax Notation, the X.509 certificate format uses an associated
public and private key pair for encrypting and decrypting a message.
Once an X.509 certificate is provided to a user by the certified authority, that
certificate is attached to it like an identity card. The chances of someone
stealing it or losing it are less, unlike other unsecured passwords. With the
help of this analogy, it is easier to imagine how this authentication works: the
certificate is basically presented like an identity at the resource that requires
authentication.
 Public Key certificate use

Format of X.509 Authentication Service Certificate:

Generally, the certificate includes the elements given below:
 Version number: It defines the X.509 version that concerns the certificate.
 Serial number: It is the unique number that the certified authority issues.
 Signature Algorithm Identifier: This is the algorithm that is used for
signing the certificate.
 Issuer name: Tells about the X.500 name of the certified authority which
signed and created the certificate.
 Period of Validity: It defines the period for which the certificate is valid.
 Subject Name: Tells about the name of the user to whom this certificate
has been issued.
 Subject’s public key information: It defines the subject’s public key
along with an identifier of the algorithm for which this key is supposed to be
used.
 Extension block: This field contains additional standard information.
 Signature: This field contains the hash code of all other fields which is
encrypted by the certified authority private key.
Ques7:- What is PGP?

In 2013, when the NSA (United States National Security Agency)

scandal was leaked to the public, people started to opt for the services which
can provide them a strong privacy for their data. Among the services people
opted for, most particularly for Emails, were different plug-ins and extensions
for their browsers. Interestingly, among the various plug-ins and extensions
that people started to use, there were two main programs that were solely
responsible for the complete email security that the people needed. One
was S/MIME which we will see later and the other was PGP.

As said, PGP (Pretty Good Privacy), is a popular program that is used to

provide confidentiality and authentication services for electronic mail and file
storage. It was designed by Phil Zimmermann way back in 1991. He
designed it in such a way, that the best cryptographic algorithms such as
RSA, Diffie-Hellman key exchange, DSS are used for the public-key
encryption (or) asymmetric encryption; CAST-128, 3DES, IDEA are used for
symmetric encryption and SHA-1 is used for hashing purposes. PGP
software is an open source one and is not dependent on either the OS
(Operating System) or the processor. The application is based on a few
commands which are very easy to use.

The following are the services offered by PGP:

1. Authentication
2. Confidentiality
3. Compression
4. Email Compatibility
5. Segmentation

Ques8:- What isVPN?

VPN stands for the Virtual Private Network. A virtual private network (VPN)
is a technology that creates a safe and encrypted connection over a less
secure network, such as the Internet. A Virtual Private Network is a way to
extend a private network using a public network such as the Internet. The
name only suggests that it is a Virtual “private network,i.e., a” i.e. user can
be part of a local network sitting at a remote location. It makes use of
tunneling protocols to establish a secure connection.

Let us understand VPN with Let’s an example

Think of a situation where the corporate office of a bank is situated in

Washington, USA. This office has a local network consisting of say 100
computers. Suppose other branches of the bank are in Mumbai, India,
and Tokyo, Japan. The traditional method of establishing a secure
connection between the head office and the the branch was to have a
leased line between the branches and head office which was a very
costly as well as troublesome job. VPN lets us overcome this issue in
an effective manner
.
 All 100 hundred computers of the corporate office at Washington are
connected to the VPN server(which is a well-configured server containing
a public IP address and a switch to connect all computers present in the
local network i.e. in US head office).
 The person sitting in the Mumbai office connects to The VPN server using
a dial-up window and the VPN server returns an IP address that belongs
to the series of IP addresses belonging to a local network of the corporate
office.
 Thus person from the Mumbai branch becomes local to the head office
and information can be shared securely over the public internet.
 So this is the intuitive way of extending the local network even across the
geographical borders of the country.

Ques9:- What is Digital Signature?

A digital signature is a mathematical technique used to validate the

authenticity and integrity of a message, software, or digital document.

1. Key Generation Algorithms: Digital signature is electronic signatures,

which assure that the message was sent by a particular sender. While
performing digital transactions authenticity and integrity should be
assured, otherwise, the data can be altered or someone can also act as if
he was the sender and expect a reply.

2. Signing Algorithms: To create a digital signature, signing algorithms like

email programs create a one-way hash of the electronic data which is to
 be signed. The signing algorithm then encrypts the hash value using the
private key (signature key). This encrypted hash along with other
information like the hashing algorithm is the digital signature. This digital
signature is appended with the data and sent to the verifier. The reason
for encrypting the hash instead of the entire message or document is that
a hash function converts any arbitrary input into a much shorter fixed-
length value. This saves time as now instead of signing a long message a
shorter hash value has to be signed and moreover hashing is much faster
than signing.

3. Signature Verification Algorithms : Verifier receives Digital Signature

along with the data. It then uses Verification algorithm to process on the
digital signature and the public key (verification key) and generates some
value. It also applies the same hash function on the received data and
generates a hash value. Then the hash value and the output of the
verification algorithm are compared. If they both are equal, then the digital
signature is valid else it is invalid.

The steps followed in creating digital signature are :

1. Message digest is computed by applying hash function on the message

and then message digest is encrypted using private key of sender to form
the digital signature. (digital signature = encryption (private key of sender,
message digest) and message digest = message digest
algorithm(message)).

2. Digital signature is then transmitted with the message.(message + digital

signature is transmitted)

3. Receiver decrypts the digital signature using the public key of

sender.(This assures authenticity, as only sender has his private key so
only sender can encrypt using his private key which can thus be
decrypted by sender’s public key).

4. The receiver now has the message digest.

5. The receiver can compute the message digest from the message (actual
message is sent with the digital signature).

6. The message digest computed by receiver and the message digest (got
by decryption on digital signature) need to be same for ensuring integrity.
Ques9:- What is Kerberos?

Kerberos provides a centralized authentication server whose function is to

authenticate users to servers and servers to users. In Kerberos
Authentication server and database is used for client authentication.
Kerberos runs as a third-party trusted server known as the Key Distribution
Center (KDC). Each user and service on the network is a principal.
The main components of Kerberos are:

 Authentication Server (AS):

The Authentication Server performs the initial authentication and ticket for
Ticket Granting Service.

 Database:
The Authentication Server verifies the access rights of users in the
database.

 Ticket Granting Server (TGS):

The Ticket Granting Server issues the ticket for the Server

Ques10:- What is firewall with types?

A firewall is a security system, either hardware or

software-based, that monitors and controls incoming
and outgoing network traffic based on predetermined
security rules. It acts as a barrier between your trusted
internal network and the wild, potentially dangerous
internet.
Imagine your computer is throwing a party, and the
firewall is the vigilant bouncer at the door. It checks
every person (data packet) trying to enter or leave the
party (your network). If they meet the criteria (security
rules), they're allowed in. If not, they get rejected.

Firewalls help prevent unauthorized access, protect

against cyber threats, and establish a line of defense
against malicious activities. They come in different
forms, from the software running on your computer to
dedicated hardware devices guarding entire networks.

o Packet-filtering Firewalls
o Application-level Gateways (Proxy Firewalls)
o Network Address Translation (NAT) Firewalls
o Cloud Firewalls
o Unified Threat Management (UTM) Firewalls

Packet-filtering Firewalls
A packet filtering firewall is the most basic type of firewall. It acts like a management
program that monitors network traffic and filters incoming packets based on
configured security rules. These firewalls are designed to block network
traffic IP protocols, an IP address, and a port number if a data packet does not match
the established rule-set.

While packet-filtering firewalls can be considered a fast solution without many

resource requirements, they also have some limitations. Because these types of
firewalls do not prevent web-based attacks, they are not the safest.
Application-level Gateways (Proxy Firewalls)
Proxy firewalls operate at the application layer as an intermediate device to filter
incoming traffic between two end systems (e.g., network and traffic systems). That is
why these firewalls are called 'Application-level Gateways'.

Unlike basic firewalls, these firewalls transfer requests from clients pretending to be
original clients on the web-server. This protects the client's identity and other
suspicious information, keeping the network safe from potential attacks. Once the
connection is established, the proxy firewall inspects data packets coming from the
source. If the contents of the incoming data packet are protected, the proxy firewall
transfers it to the client. This approach creates an additional layer of security between
the client and many different sources on the network.

Network Address Translation (NAT) Firewalls

Network address translation or NAT firewalls are primarily designed to access Internet
traffic and block all unwanted connections. These types of firewalls usually hide the IP
addresses of our devices, making it safe from attackers.

When multiple devices are used to connect to the Internet, NAT firewalls create a
unique IP address and hide individual devices' IP addresses. As a result, a single IP
address is used for all devices. By doing this, NAT firewalls secure independent network
addresses from attackers scanning a network for accessing IP addresses. This results in
enhanced protection against suspicious activities and attacks.

In general, NAT firewalls works similarly to proxy firewalls. Like proxy firewalls, NAT
firewalls also work as an intermediate device between a group of computers and
external traffic.

Cloud Firewalls
Whenever a firewall is designed using a cloud solution, it is known as a cloud firewall
or FaaS (firewall-as-service). Cloud firewalls are typically maintained and run on the
Internet by third-party vendors. This type of firewall is considered similar to a proxy
firewall. The reason for this is the use of cloud firewalls as proxy servers. However, they
are configured based on requirements.

The most significant advantage of cloud firewalls is scalability. Because cloud firewalls
have no physical resources, they are easy to scale according to the organization's
demand or traffic-load. If demand increases, additional capacity can be added to the
cloud server to filter out the additional traffic load. Most organizations use cloud
firewalls to secure their internal networks or entire cloud infrastructure.
Unified Threat Management (UTM) Firewalls
UTM firewalls are a special type of device that includes features of a stateful inspection
firewall with anti-virus and intrusion prevention support. Such firewalls are designed
to provide simplicity and ease of use. These firewalls can also add many other services,
such as cloud management, etc.

Diffie-Hellman algorithm:

The Diffie-Hellman algorithm is being used to establish a shared secret that

can be used for secret communications while exchanging data over a public
network using the elliptic curve to generate points and get the secret key
using the parameters.

 For the sake of simplicity and practical implementation of the algorithm,

we will consider only 4 variables, one prime P and G (a primitive root of P)
and two private values a and b..

 P and G are both publicly available numbers. Users (say Alice and Bob)
pick private values a and b and they generate a key and exchange it
publicly. The opposite person receives the key and that generates a
secret key, after which they have the same secret key to encrypt.

Step-by-Step explanation is as follows:

 Alice Bob

Public Keys available = P, G Public Keys available = P, G

Private Key Selected = a Private Key Selected = b

Key generated = Key generated =

Exchange of generated keys takes place

Key received = y key received = x

Generated Secret Key = Generated Secret Key =

Algebraically, it can be shown that

Users now have a symmetric secret key to encrypt

Example:

Step 1: Alice and Bob get public numbers P = 23, G = 9

Step 2: Alice selected a private key a = 4 and

Bob selected a private key b = 3
Step 3: Alice and Bob compute public values
Alice: x =(9^4 mod 23) = (6561 mod 23) = 6
Bob: y = (9^3 mod 23) = (729 mod 23) = 16

Step 4: Alice and Bob exchange public numbers

Step 5: Alice receives public key y =16 and

Bob receives public key x = 6

Step 6: Alice and Bob compute symmetric keys

Alice: ka = y^a mod p = 65536 mod 23 = 9
Bob: kb = x^b mod p = 216 mod 23 = 9

Step 7: 9 is the shared secret.

Ques:- What is S/MIME?

S/MIME stands for Secure/Multipurpose Internet

Mail Extensions. It's a standard for public key
encryption and signing of MIME data (Multipurpose
Internet Mail Extensions), which is used in email
communications. In simpler terms, it's a way to
make your emails more secure and trustworthy.

Here's how it works:

Encryption:
S/MIME allows you to encrypt your email messages.
When you send an encrypted email, only the
intended recipient with the correct private key
can decrypt and read it. This ensures that even if
someone intercepts your email, they can't
understand the content without the right
decryption key.

Digital Signatures:
S/MIME also supports digital signatures. When you
sign an email with your private key, the recipient
can use your public key to verify that the email
actually came from you and that it hasn't been
altered in transit. It adds a layer of
authentication and ensures the integrity of the
message.

Ques:- What is malicious programs?

Malicious programs in the realm of cryptography

can pose serious threats to the security of
information. Here are a couple of examples:

Keyloggers:

What they do: Keyloggers are malicious programs

designed to record keystrokes on a computer or
device.
How they affect cryptography: If you're typing in
sensitive information, like passwords or
cryptographic keys, a keylogger can capture that
data. This compromises the confidentiality of your
cryptographic communications.
Trojan Horses:

What they do: Trojans are disguised as legitimate

software but have a hidden malicious purpose.
How they affect cryptography: A Trojan could
masquerade as a legitimate cryptographic tool,
tricking users into using it. Once activated, it
might compromise the security of cryptographic
keys or intercept encrypted communications.
Ransomware:

What they do: Ransomware encrypts the victim's

files and demands payment for the decryption key.
How they affect cryptography: While ransomware
itself may not directly target cryptographic
processes, if it encrypts critical files, it can
disrupt the functioning of cryptographic systems,
causing data loss and potential security breaches.
Man-in-the-Middle Attacks:

What they do: These attacks involve intercepting

and possibly altering communications between two
parties without their knowledge.
How they affect cryptography: If a malicious actor
can position themselves between the sender and
receiver of encrypted messages, they might attempt
to manipulate the communication or gain
unauthorized access to the decrypted data.
Ques:- What is Elagmal digital signature scheme?

ElGamal encryption is a public-key cryptosystem. It uses asymmetric key

encryption for communicating between two parties and encrypting the
message. This cryptosystem is based on the difficulty of finding discrete
logarithm in a cyclic group that is even if we know ga and gk, it is extremely
difficult to compute gak.
Idea of ElGamal cryptosystem:
Suppose Alice wants to communicate with Bob.
1. Bob generates public and private keys:
 Bob chooses a very large number q and a cyclic group Fq.
 From the cyclic group Fq, he choose any element g and
an element a such that gcd(a, q) = 1.
 Then he computes h = ga.
 Bob publishes F, h = ga, q, and g as his public key and retains a as
private key.
2. Alice encrypts data using Bob’s public key :
 Alice selects an element k from cyclic group F
such that gcd(k, q) = 1.
 Then she computes p = gk and s = hk = gak.
 She multiples s with M.
 Then she sends (p, M*s) = (gk, M*s).
3. Bob decrypts the message :
 Bob calculates s′ = pa = gak.
 He divides M*s by s′ to obtain M as s = s′.

Ques:-what is digital signature standards?

As we have studied, signature is a way of authenticating the data coming

from a trusted individual. Similarly, digital signature is a way of authenticating
a digital data coming from a trusted source. Digital Signature Standard
(DSS) is a Federal Information Processing Standard(FIPS) which defines
algorithms that are used to generate digital signatures with the help
of Secure Hash Algorithm(SHA) for the authentication of electronic
documents. DSS only provides us with the digital signature function and not
with any encryption or key exchanging strategies.
Sender Side : In DSS Approach, a hash code is generated out of the
message and following inputs are given to the signature function –
1. The hash code.
2. The random number ‘k’ generated for that particular signature.
3. The private key of the sender i.e., PR(a).
4. A global public key(which is a set of parameters for the communicating
principles) i.e., PU(g).

These input to the function will provide us with the output signature
containing two components – ‘s’ and ‘r’. Therefore, the original message
concatenated with the signature is sent to the receiver. Receiver Side : At
the receiver end, verification of the sender is done. The hash code of the
sent message is generated. There is a verification function which takes the
following inputs –

1. The hash code generated by the receiver.

2. Signature components ‘s’ and ‘r’.
3. Public key of the sender.
4. Global public key.

The output of the verification function is compared with the signature

component ‘r’. Both the values will match if the sent signature is valid
because only the sender with the help of it private key can generate a valid
signature.