Digital Signatures

Table of contents:


Explain digital signatures

Up to this point, this Chapter has primarily focused on how symmetric and asymmetric encryption is used for confidentiality. Now let's focus on how asymmetric algorithms can be used for authentication. The application of asymmetric encryption for authentication is known as a digital signature. Digital signatures are much like a signature in real life, as the signature validates the integrity of the document and the sender. Let's look at an example of how the five basic steps work in the digital signature process:

  1. Jay produces a message digest by passing a message through a hashing algorithm.
  2. The message digest is then encrypted using Jay's private key.
  3. The message is forwarded, along with the encrypted message digest, to the recipient, Alice.
  4. Alice creates a message digest from the message with the same hashing algorithm that Jay used. Alice then decrypts Jay's signature digest by using Jay's public key.
  5. Finally, Alice compares the two message digests, the one originally created by Jay and the other that she created. If the two values match, Alice has proof that the message is unaltered and did come from Jay.

Figure 12.6 illustrates this process and demonstrates how asymmetric encryption can be used for confidentiality and integrity.

Figure 12.6. The digital signature process.

Exam Alert

Digital signatures provide integrity and authentication.


Part I: Exam Preparation

The Business Aspects of Penetration Testing

The Technical Foundations of Hacking

Footprinting and Scanning

Enumeration and System Hacking

Linux and Automated Security Assessment Tools

Trojans and Backdoors

Sniffers, Session Hijacking, and Denial of Service

Web Server Hacking, Web Applications, and Database Attacks

Wireless Technologies, Security, and Attacks

IDS, Firewalls, and Honeypots

Buffer Overflows, Viruses, and Worms

Cryptographic Attacks and Defenses

Physical Security and Social Engineering

Part II: Final Review

Part III: Appendixes

Appendix A. Using the ExamGear Special Edition Software

Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg © 2008-2020.
If you may any questions please contact us: