In fact, in some cases it
could require several months of computation to obtain the private key from a public
key. In general, the greater the number of bits used to encrypt, the stronger the private
key.
5.2.1 Digital Signatures
Integrity is guaranteed in public-key systems by using digital signatures. A digital signature
is a piece of data which is attached to a message and which can be used to
determine whether the message was tampered with during transmission.
The digital signature for a message is generated in two steps.
First, a message digest is generated. A message digest is a "summary" of the message to
be transmitted. It has two important properties: (1) it is always smaller than the message
itself and (2) even the slightest change in the message produces a different digest.
The message digest is generated using one of a set of hashing algorithms. For example:
% digest -a sha1 /var/log/syslog
61fafd21dcd3911998f561915f7ce8f10998fcdb
Here we use the digest(1) program to compute a sha1-style digest of the file
/var/log/syslog. The resulting digest is the alphanumeric string shown.
Second, the computed message digest is encrypted using the sender's private key.
The resulting encrypted message digest is the digital signature.
The digital signature is attached (more on this soon) to the message that will be sent
to the receiver.
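The two steps above, together with the check the receiver would run, as an added example that is not from the original text. It assumes a toy RSA key pair built from two known Mersenne primes and unpadded "textbook" RSA so the arithmetic stays visible; the function names and the sample log line are constructed for illustration.

```python
import hashlib

# Toy key pair built from two known Mersenne primes (constructed for this
# example; far too small and too structured for real use).
P, Q = 2**89 - 1, 2**127 - 1
N = P * Q                          # public modulus, about 216 bits
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def message_digest(message: bytes) -> bytes:
    """Step 1: fixed-size SHA-1 summary, the value `digest -a sha1` prints in hex."""
    return hashlib.sha1(message).digest()


def sign(message: bytes) -> int:
    """Step 2: transform the digest with the sender's private key (D, N)."""
    # A 160-bit SHA-1 digest is always smaller than the 216-bit modulus.
    return pow(int.from_bytes(message_digest(message), "big"), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the public key (E, N) and compare it
    with a digest recomputed from the message that actually arrived."""
    recovered = pow(signature, E, N)
    return recovered == int.from_bytes(message_digest(message), "big")


if __name__ == "__main__":
    # Constructed sample message, not taken from a real log.
    msg = b"Nov  3 10:15:01 host sshd[411]: Accepted publickey for admin"
    sig = sign(msg)
    print("digest   :", message_digest(msg).hex())
    print("signature:", hex(sig))
    print("intact   :", verify(msg, sig))
    print("tampered :", verify(msg.replace(b"admin", b"guest"), sig))
```

Changing a single word of the message changes the recomputed digest, so the comparison in verify() fails even though the signature itself was not touched.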