# DIGITAL SIGNATURE

By Rahul Mathew, MBA Systems and Finance, B.C.A, GNIIT

WHY Digital Signatures?

Digital Signatures ensure AUTHENTICITY and INTEGRITY.

AUTHENTICITY AND INTEGRITY
Message authentication allows ALICE to check whether the message sent by BOB was altered en route. It is also called data-origin authentication and protects the integrity of a message. Message integrity ensures that each message is received in the same condition in which it was sent, without the addition, removal or modification of any bits.

PUBLIC KEY AND PRIVATE KEY

MATHEMATICAL KEYS

RELATIONSHIP OF PUBLIC KEY AND PRIVATE KEY

The mathematical relationship between the private and public key is that data encrypted with either key can only be decrypted with the other.


BOB encrypts a message using ALICE'S public key and sends it to her. As long as only ALICE has access to her private key, only she can read the message sent by BOB, thus ensuring the confidentiality of the message.


BOB can also encrypt a message using his private key and send it to ALICE. ALICE can decrypt the message using BOB'S public key. By comparing the message sent by BOB with the original message which she already received, she can ensure the authenticity and integrity of the message. In this method confidentiality cannot be ensured.

SECURE ELECTRONIC TRANSACTION (SET)

In SET, both BOB and ALICE have their own pairs of public and private keys. BOB runs a message through a one-way hashing algorithm, also called a hashing function, to create a message digest. He encrypts the message digest and appends the encrypted message digest to the original message to generate a digital signature of the message.


BOB then generates a random private key, or symmetric key, and uses it to encrypt the original message + digital signature (original message + encrypted message digest) + digital certificate issued by a CA (Certificate Authority) to get the final encrypted message.


BOB then encrypts his randomly generated private key with ALICE'S Public Key, which was distributed to BOB by ALICE, to generate a digital envelope. He then sends the final encrypted message along with the digital envelope to ALICE.


On the arrival of the message from BOB, ALICE decrypts the digital envelope with her private key to get the private key secretly generated by BOB. She then decrypts the final encrypted message using this private key, thus unlocking the original message, digital signature (original message + encrypted message digest) and digital certificate.


She then decrypts the digital signature to recover the original message and the message digest, using BOB'S Public Key from his digital certificate. She then runs the original message which came with the digital envelope through the same hashing function to generate a message digest.


She will now compare the message digest she generated with the original message digest she got by decrypting the digital signature. If there is a match, the message is not altered; otherwise the message was altered after it was signed.
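The SET steps above (digest, digital signature, symmetric encryption, digital envelope, verification by ALICE) traced end to end, as an added example that is not part of the original slides. Assumptions: toy textbook RSA over fixed Mersenne primes and a SHA-256 keystream stand in for real ciphers and are not secure, the CA certificate step is left out so ALICE is assumed to already hold BOB'S authentic public key, and all function names are illustrative.

```python
import hashlib
import secrets

# Toy textbook RSA (no padding, fixed Mersenne primes): constructed for illustration, NOT secure.
def make_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)              # (public key, private key)

def rsa(value, key):
    exponent, modulus = key
    return pow(value, exponent, modulus)

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

# Toy keystream cipher (SHA-256 over key + counter) standing in for the symmetric cipher.
def sym_crypt(key, data):
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def bob_send(message, bob_private, alice_public):
    sig_len = (bob_private[1].bit_length() + 7) // 8
    signature = rsa(digest(message), bob_private)    # message digest encrypted by BOB
    session_key = secrets.token_bytes(16)            # BOB's random symmetric key
    payload = signature.to_bytes(sig_len, "big") + message
    ciphertext = sym_crypt(session_key, payload)     # final encrypted message
    envelope = rsa(int.from_bytes(session_key, "big"), alice_public)  # digital envelope
    return envelope, ciphertext

def alice_receive(envelope, ciphertext, alice_private, bob_public):
    session_key = rsa(envelope, alice_private).to_bytes(16, "big")
    payload = sym_crypt(session_key, ciphertext)
    sig_len = (bob_public[1].bit_length() + 7) // 8
    signature, message = payload[:sig_len], payload[sig_len:]
    signed_digest = rsa(int.from_bytes(signature, "big"), bob_public)
    return message, signed_digest == digest(message) # True only if the digests match

# Constructed sample keys: BOB's modulus must exceed the 256-bit digest.
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**521 - 1, 2**607 - 1)
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    envelope, ciphertext = bob_send(b"pay 100 to ALICE", BOB_PRIVATE, ALICE_PUBLIC)
    print(alice_receive(envelope, ciphertext, ALICE_PRIVATE, BOB_PUBLIC))
    tampered = ciphertext[:-1] + bytes([ciphertext[-1] ^ 1])  # one bit changed in transit
    print(alice_receive(envelope, tampered, ALICE_PRIVATE, BOB_PUBLIC))
```

Changing a single bit of the ciphertext changes the recovered message, so the digest ALICE computes no longer matches the one BOB signed.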

HAPPY ENDING….