hi
On 6/23/06, hicham <[EMAIL PROTECTED]> wrote:
hello I'm having some confusion about digital signatures, in this web site "http://www.youdzone.com/signature.html"; gives a nice examle of what 's a digital signature? Here what I understood : bob got one private key and a public key, both keys can encrypt any data but only the private key (that is kept secret ) can decrypt the data , right ?
both can encrypt and decrypt. if private key encrypt then only public key can decrypt. if public key encrypt then only private can decrypt. now since public key is distributed, hence private key encryption is only limited to make signatures(which do not contain any secret data).
now for Bob to create a digital signature , needs to compute a digest message using a hashing function, then encrypt the digest message, and that gives me the digital signature.
yes encrypt digest with his own private key. and decrypt the data with Pat's (or Alice , i prefer) public key.
now Pat receives a document from Bob with his digital signature, Pat's computes the message digest of the document and DECRYPT the signature with Bob's public key !!!
pat first checks the signature. for this pat decrypt the signature (with BOB's public key ) to get Message Digest. pat now computes digest of the document by first decrypting the data with his own private key and then hashing the data. now pat compares both MD, if they are same, the data is not changed in between. tanish ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
