|
|
|
Modern Operating Systems by Herbert Bos and Andrew S. Tanenb...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf
Showing 654 out of 1137
Modern Operating Systems by Herbert Bos and Andrew...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Modern Operating Systems by Herbert...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
Page 654
SEC. 9.5
BASICS OF CRYPTOGRAPHY
623
9.5.4 Digital Signatures
Frequently it is necessary to sign a document digitally. For example, suppose a
bank customer instructs the bank to buy some stock for him by sending the bank an
email message.
An hour after the order has been sent and executed, the stock
crashes. The customer now denies ever having sent the email. The bank can pro-
duce the email, of course, but the customer can claim the bank forged it in order to
get a commission. How does a judge know who is telling the truth?
Digital signatures make it possible to sign emails and other digital documents
in such a way that they cannot be repudiated by the sender later. One common way
is to first run the document through a one-way cryptographic hashing algorithm
that is very hard to invert. The hashing function typically produces a fixed-length
result independent of the original document size. The most popular hashing func-
tions used is
SHA-1
(
Secure Hash Algorithm
), which produces a 20-byte result
(NIST, 1995). Newer versions of SHA-1 are
SHA-256
and
SHA-512
, which pro-
duce 32-byte and 64-byte results, respectively, but they are less widely used to
date.
The next step assumes the use of public-key cryptography as described above.
The document owner then applies his private key to the hash to get
D
(
hash
). This
value, called the
signature block
, is appended to the document and sent to the re-
ceiver, as shown in Fig. 9-16. The application of
D
to the hash is sometimes
referred to as decrypting the hash, but it is not really a decryption because the hash
has not been encrypted.
It is just a mathematical transformation on the hash.
Original
document
Original
document
Document
compressed
to a hash
value
Hash value
run through D
D(Hash)
D(Hash)
Signature
block
Hash
(a)
(b)
Figure 9-16.
(a) Computing a signature block. (b) What the receiver gets.
When the document and hash arrive, the receiver first computes the hash of the
document using SHA-1 or whatever cryptographic hash function has been agreed
upon in advance. The receiver then applies the sender’s public key to the signature
block to get
E
(
D
(
hash
)). In effect, it ‘‘encrypts’’ the decrypted hash, canceling it
out and getting the hash back.
If the computed hash does not match the hash from
the signature block, the document, the signature block, or both have been tampered
with (or changed by accident).
The value of this scheme is that it applies (slow)
Ace your assessments! Get Better Grades
Browse thousands of Study Materials & Solutions from your Favorite Schools
Concordia University
Concordia_University
School:
Operating_Systems
Course:
Great resource for chem class. Had all the past labs and assignments
Leland P.
Santa Clara University
Introducing Study Plan
Using AI Tools to Help you understand and remember your course concepts better and faster than any other resource.
Find the best videos to learn every concept in that course from Youtube and Tiktok without searching.
Save All Relavent Videos & Materials and access anytime and anywhere
Prepare Smart and Guarantee better grades
Know more
Students also viewed documents
lab 18.docx
lab_18.docx
Course
Course
3
Module5QuizSTA2023.d...
Module5QuizSTA2023.docx.docx
Course
Course
10
Week 7 Test Math302....
Week_7_Test_Math302.docx.docx
Course
Course
30
Chapter 1 Assigment ...
Chapter_1_Assigment_Questions.docx.docx
Course
Course
5
Week 4 tests.docx.do...
Week_4_tests.docx.docx
Course
Course
23
Week 6 tests.docx.do...
Week_6_tests.docx.docx
Course
Course
106
