The idea of a redundancy function is necessary in order to understand the algorithms which give digital signatures with message recovery. A complete understanding of the material in this section is not necessary in order to follow subsequent sections the reader unfamiliar with some of the more concrete methods such as RSA ( §11.3) and ElGamal ( §11.5) is well advised not to spend an undue amount of time. This section describes two general models for digital signature schemes. §1.6 provides a brief introduction to the basic ideas behind digital signatures, and §1.8.3 shows how these signatures can be realized through reversible public-key encryption techniques. Further notes, including subtle points on schemes documented in the chapter and variants (e.g., designated confirmer signatures, convertible undeniable signatures, group signatures, and electronic cash) may be found in §11.9.ġ1.2 A framework for digital signature mechanisms Variations on the basic concept of digital signatures, including blind, undeniable, and fail-stop signatures, are discussed in §11.8. §11.7 describes arbitrated digital signatures and the ESIGN signature scheme. One-time signature schemes, many of which arise from symmetric-key cryptography, are considered in §11.6. Techniques based on the intractability of the discrete logarithm problem, such as the Digital Signature Algorithm (DSA) and ElGamal schemes, are the topic of §11.5. §11.4 looks at methods which arise from identification protocols described in Chapter 10. Standards which have been adopted to implement RSA and related signature schemes are also considered here. §11.3 provides an indepth discussion of the RSA signature scheme, as well as closely related techniques. It is more abstract than succeeding sections. §11.2 provides terminology used throughout the chapter, and describes a framework for digital signatures that permits a useful classification of the various schemes. This chapter is an account of many of the results obtained to date, with emphasis placed on those developments which are practical. Some offer significant advantages in terms of functionality and implementation. Subsequent research has resulted in many alternative digital signature techniques. The first method discovered was the RSA signature scheme, which remains today one of the most practical and versatile techniques available. The concept and utility of a digital signature was recognized several years before any practical realization was available. Certification is a means for a trusted third party (TTP) to bind the identity of a user to a public key, so that at some later time, other entities can authenticate a public key without assistance from a trusted third party. One of the most significant applications of digital signatures is the certification of public keys in large networks. Signatures must be verifiable if a dispute arises as to whether a party signed a document (caused by either a lying signer trying to repudiate a signature it did create, or a fraudulent claimant), an unbiased third party should be able to resolve the matter equitably, without requiring access to the signer’s secret information (private key).ĭigital signatures have many applications in information security, including authentication, data integrity, and non-repudiation. A digital signature of a message is a number dependent on some secret known only to the signer, and, additionally, on the content of the message being signed. This chapter considers techniques designed to provide the digital counterpart to a handwritten signature. Signatures with additional functionality. Ī framework for digital signature mechanisms. The signatures of all certificates in the chain must be verified up to the Root CA Certificate.Introduction. The Root CA Certificate is always signed by the CA itself. The chain terminates with a Root CA Certificate.
0 Comments
Leave a Reply. |