Digital signatures

• Provides a signature on a document unique to a key pair - identifies sender
• Full public key process
  • Sender:
    • Generate a hash of the document (SHA1, MD5)
      e06a8fee57cb3578b303f220a4626551bfd4a736 cv.tex
    • Encrypt hash (signature) with sender's secret key add to document
    • Encrypt message (possibly including signature) with recipient's public key
  • Recipient:
    • Decrypt message with recipient's secret key
    • Decrypt signature with sender's public key
    • Check message (minus signature) matches hash value
  • Also useful on unencrypted documents to ensure document has not been changed
  • Hash provides security - if signature was always the same it could be cut and pasted
  • Self-signing your public key ensures it cannot be tampered with
  [Next] [Contents]