2.5. Asymmetric Keys and Authentication
Asymmetric authentication algorithms also change the security model for signatures compared with message authentication codes. A program originating data that it wants to authenticate can send, along with that data, the same data transformed under a private key and make known the corresponding public key. (Note: Which key is public and which is private is the reverse of the confidentiality case mentioned earlier.) Then, anyone with access to the sender's public key can verify the message using the plain text and transformed text, and determine that it comes from the sender—only the sender should have the necessary private key. This technique solves the two problems mentioned in Section 2.2 for MAC symmetric ...
Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
