On 09/09/13 09:42, Francesco C. wrote:
> Hi, here I come back to ask you some clarification about the signature
> procedure.
> The purpose of the signature procedure is making sure that nobody can
> modify the file you're trying to send.
>
> Many times they also use the check of Md5sum or SHA512Sum, but anyway my
> question is:
>
> if any spiteful person succeeds in tapping a file transmission of mine,
> he surely succeeds in signing the modified file. So how can my addressee
> realize that?
>
> In other words, if this spiteful person succeeds in replacing a modified
> file in a server he also succeeds in replacing the signature file,
> doesn't he?

The signature is more than just the hash of the message.

The signing process consists of two steps. Firstly, the message being signed is run through a hashing algorithm like MD5 or SHA. The second step is that the output of the hashing algorithm is encrypted using your secret key.

Anyone wishing to check the signature can then decrypt the hash using your public key, run the same hashing algorithm over the message, and check that the hash of the message is the same as the unencrypted hash from the signature.

You are correct that an attacker can generate a hash of the modified message, but they cannot encrypt it with your secret key, unless they also have a copy of that key.

I've simplified the process somewhat for ease of explaining it, but that's the general gist of the way it works.

So, provided your secret key is kept secret, and your addressees verify that the public keys they have really do belong to you, you can be confident that the signature mechanism is safe.

-- 
David Smith
STMicroelectronics
Bristol, England
Work Email: dave.sm...@st.com
Home Email: david.sm...@ds-electronics.co.uk
GPG Key: 0xF13192F2

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
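
The two-step process described in the reply, and the file-replacement scenario from the question, as an added example that is not part of the original thread. It assumes textbook RSA without padding, SHA-256, and constructed toy keys built from Mersenne primes; all function and variable names are illustrative, and GnuPG itself uses padded signature schemes and properly generated keys.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    """Textbook RSA key pair from two primes (toy helper for this example)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # secret exponent, needs Python 3.8+
    return {"public": (n, E), "secret": (n, d)}

def digest(message):
    """Step 1 of the reply: hash the message (SHA-256 here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, secret):
    """Step 2: transform the hash with the secret key."""
    n, d = secret
    return pow(digest(message), d, n)

def verify(message, signature, public):
    """Undo the transform with the public key and compare with a fresh hash."""
    n, e = public
    return pow(signature, e, n) == digest(message)

# Constructed toy keys built from Mersenne primes: NOT secure, illustration only.
AUTHOR = make_key(2**521 - 1, 2**607 - 1)
ATTACKER = make_key(2**127 - 1, 2**1279 - 1)

def scenario():
    original = b"release-1.0 contents"             # constructed sample file
    tampered = b"release-1.0 contents (modified)"  # file swapped on the server
    good_sig = sign(original, AUTHOR["secret"])
    # Whoever swaps the file can hash and sign it, but only with their own key.
    swapped_sig = sign(tampered, ATTACKER["secret"])
    return {
        "genuine file, genuine signature": verify(original, good_sig, AUTHOR["public"]),
        "modified file, old signature": verify(tampered, good_sig, AUTHOR["public"]),
        "modified file, swapped signature": verify(tampered, swapped_sig, AUTHOR["public"]),
        "swapped signature, wrong public key": verify(tampered, swapped_sig, ATTACKER["public"]),
    }

if __name__ == "__main__":
    for case, ok in scenario().items():
        print(f"{case}: {'valid' if ok else 'INVALID'}")
```

The last case verifies only because the check used the wrong public key, which is why the reply insists that addressees confirm the public key really belongs to the sender.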