Today, I will briefly introduce a digital signature with a symmetric cryptographic system, may have listened to digital signatures with the public key cryptosystem, and have not heard this symmetric cryptographic system can also be used to sign. But we now use the most used to use the public key cryptosystem to digitally signature.
Let me talk about the function of digital signature first. Digital signatures can resolve, forgery, fake, tampering, and pretending, etc. . The digital signature is mainly provided in the five services of information security. It is the anti-denial service. Data signature is generally not to sign the data directly (a lot of information is encrypted, which is actually not correct, although encryption and signature is encrypted algorithm, but providing security services and processing is a little difference. However, the sender encrypts the entire plaintext --- As the MD5 hash algorithm, obtain a hash value, sign the hash value. Ok, I have said so many preparations, I have entered the topic, I will explain the example here, set a: send party B: Receiver, of course, one institution that is trusted by A and B, this institution can Providing the generation and distribution of the key and can be determined, notarized when the dispute occurs during communication, and can serve as a ruling of the legal basis. The popular point is the role of similar referee. I have it to be CA.
Of course, during this signature process, A, and B are communicating with CA during this process, so A, B have secret keys with CA communication, we are temporarily set to KA and KB, that is, (a, CA, KA), (B, CA, KB).
The process is performed as follows: 1. User A encrypts data packets P until Ciphertext KA (P) with its own secret key, and is sent to the trusted mechanism CA. 2, CA decrypts the ciphertext KA (P) with KA, and then establishes a new message (A, D, P), which is established by the name and address of A. Date D is used for future authentication and testing then use a key K encrypted new packet (A, D, P) that is not known to anyone, thereby obtaining new ciphertext K ((a, d, p)) . And return this ciphertext K ((A, D, P)) to send a sender A
3. At this time, the sender A sends this ciphertext K ((A, D, P)) to the receiver B. Perform a communication between A and B.
4, the receiver B sends K ((A, D, P)) to CA, requesting the message data (of course, this is to B and CA, essentially, this message data is in other users. KB encrypted ciphertext), CA decrypts K ((A, D, P)) to obtain (A, D, P), and obtained KB ((a, d, p)) with KB (A, D, P)), and then Give B. 5, B decrypt (A, D, P) with its own key KB, which is a clear text that A and B communications. How to resist the denying process:
If the sender A denies that the p is given B, then B can provide ciphertext K ((a, d, p)) to the judge judge, requiring CA to decrypt this ciphertext K ((a, d, p)) Then the judge can see ciphertext (A, D, P). Obviously, the judge can be determined that A is transmitted because B does not know K, so it is impossible to fake ciphertext K ((a, d, p)). If b delegate, it can be obtained.
Finally, I want to give everyone a few questions, see if you understand this article:
1. How is CA know how is a request to communicate with B? 2. If b delegates that the information has been received, how can judges conduct a decision?
This article is just a brief introduction to the signature of the symmetric cryptographic system. If there is anything wrong, please point out that I will not thank my email is anmeihong@sina.com.
