How Digital Signatures Work

Figure 5-2 shows an overall picture of how a digital signature is applied to a message. In the upper left corner of this diagram, we take the original message and create a 160-bit message digest by applying the SHA-1 hash algorithm to the message. The message digest is then encrypted using the private key, which is known only to the private key owner (i.e., the sender). Note that this encryption provides no secrecy, since the sender encrypts with his or her own private key rather than with a public key. This means that absolutely anyone can decrypt the message digest using the associated public key and retrieve the hash. In fact, as we will see next, this is exactly what the receiver will do with the signed message.

Figure 5-2. ...
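The flow described above, as an added C# example that is not taken from the book: the sender hashes with SHA-1 and signs the digest with the private key, and a receiver holding only the public key checks it. The class name, the sample messages and the 2048-bit key size are assumptions made for illustration, and the code assumes .NET Core 3.0 or later.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SignatureDemo   // hypothetical name, not from the book
{
    // Sender: hash the message with SHA-1, then apply the private key to the digest.
    static byte[] Sign(RSA privateKey, byte[] message)
    {
        using SHA1 sha1 = SHA1.Create();
        byte[] digest = sha1.ComputeHash(message);   // 20 bytes = 160 bits
        return privateKey.SignHash(digest, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
    }

    // Receiver: holds only the public key. VerifyHash recovers the digest from the
    // signature with that key and compares it with the digest recomputed here.
    static bool Verify(RSAParameters publicKey, byte[] message, byte[] signature)
    {
        using RSA rsa = RSA.Create();
        rsa.ImportParameters(publicKey);
        using SHA1 sha1 = SHA1.Create();
        byte[] digest = sha1.ComputeHash(message);
        return rsa.VerifyHash(digest, signature, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
    }

    static void Main()
    {
        // Constructed sample messages.
        byte[] message = Encoding.UTF8.GetBytes("Pay Bob 100 dollars");
        byte[] tampered = Encoding.UTF8.GetBytes("Pay Bob 900 dollars");

        using RSA sender = RSA.Create(2048);                        // key size is an assumption
        RSAParameters publicOnly = sender.ExportParameters(false);  // false = no private fields

        byte[] signature = Sign(sender, message);

        Console.WriteLine($"signature bytes:    {signature.Length}");
        Console.WriteLine($"original verifies:  {Verify(publicOnly, message, signature)}");
        Console.WriteLine($"tampered verifies:  {Verify(publicOnly, tampered, signature)}");

        // Alter one bit of the signature itself; verification must now fail.
        signature[signature.Length - 1] ^= 0x01;
        Console.WriteLine($"corrupted verifies: {Verify(publicOnly, message, signature)}");
    }
}
```

Only `publicOnly` crosses to the receiver side, which shows that producing a signature requires the private key while checking one does not.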
