Not an OpenSSL question as such, but people will help. The basic confusion is about "encryption" and "digital signature". These are 2 different aspects: encryption helps to obscure data so that it cannot be understood by an eavesdropper (privacy), whereas digital signature helps in non-repudiation and binds the identity of the sender with the message (authentication). Of course both can be combined to provide privacy and also authentication.

For encryption, how to achieve privacy? You encrypt a message using the public key of your targeted recipient. Send this across. Note that only the holder of the corresponding private key can decrypt. This holder of the corresponding private key is your targeted recipient and none else has the private key. Clear?

For digital signature, how do you bind your identity to the message that you send? What you wrote is correct: "needs to compute a digest message using a hashing function, then encrypt the digest message, and that gives me the digital signature." except that you should use the word "sign" instead of "encrypt".

If it is not clear still, please do not hesitate to ask.

Ambarish.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of hicham
Sent: Friday, June 23, 2006 4:47 PM
To: openssl-users@openssl.org
Subject: confusion about digital signatures

hello

I'm having some confusion about digital signatures. This web site, "http://www.youdzone.com/signature.html", gives a nice example of what a digital signature is.

Here is what I understood: Bob got one private key and a public key, both keys can encrypt any data but only the private key (that is kept secret) can decrypt the data, right?

Now for Bob to create a digital signature, he needs to compute a digest message using a hashing function, then encrypt the digest message, and that gives me the digital signature.

Now Pat receives a document from Bob with his digital signature. Pat computes the message digest of the document and DECRYPTs the signature with Bob's public key!!! I've understood that only Bob's private key can decrypt any data, so what's wrong?

please enlighten me

Thank you
hicham
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
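
The distinction discussed in this thread, shown with the `openssl` command line as an added example that is not part of the original messages: signing uses Bob's private key and verifying uses his public key, while encrypting uses his public key and decrypting uses his private key. The RSA-2048 key, SHA-256 digest, OAEP padding, file names and message text are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example. Keys, file names and the message are constructed for the demo.
demo_dir=$(mktemp -d)
priv="$demo_dir/bob_priv.pem"   # stays with Bob
pub="$demo_dir/bob_pub.pem"     # handed to Pat and everyone else

make_keys() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$priv" 2>/dev/null &&
    openssl pkey -in "$priv" -pubout -out "$pub"
}

# Signature: Bob hashes the document and signs the digest with his PRIVATE key.
sign_doc() { openssl dgst -sha256 -sign "$priv" -out "$1.sig" "$1"; }

# Verification: Pat recomputes the digest and checks it with Bob's PUBLIC key.
verify_doc() {
    openssl dgst -sha256 -verify "$pub" -signature "$1.sig" "$1" >/dev/null 2>&1
}

# Encryption: anyone encrypts to Bob with his PUBLIC key ($1 in, $2 out).
encrypt_for_bob() {
    openssl pkeyutl -encrypt -pubin -inkey "$pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$2"
}

# Decryption: only the PRIVATE key recovers the plaintext ($1 = ciphertext).
decrypt_as_bob() {
    openssl pkeyutl -decrypt -inkey "$priv" -pkeyopt rsa_padding_mode:oaep -in "$1"
}

# Trying to decrypt with only the public key must fail.
decrypt_with_public_key() {
    openssl pkeyutl -decrypt -pubin -inkey "$pub" \
        -pkeyopt rsa_padding_mode:oaep -in "$1" >/dev/null 2>&1
}

make_keys
printf 'Pay Pat 10 dollars\n' > "$demo_dir/doc.txt"
sign_doc "$demo_dir/doc.txt"
verify_doc "$demo_dir/doc.txt" && echo "signature: valid"
printf 'Pay Pat 1000 dollars\n' > "$demo_dir/tampered.txt"
cp "$demo_dir/doc.txt.sig" "$demo_dir/tampered.txt.sig"
verify_doc "$demo_dir/tampered.txt" || echo "tampered copy: rejected"
encrypt_for_bob "$demo_dir/doc.txt" "$demo_dir/doc.enc"
decrypt_with_public_key "$demo_dir/doc.enc" || echo "public key cannot decrypt"
echo "Bob decrypts: $(decrypt_as_bob "$demo_dir/doc.enc")"
```

The signature file reveals nothing secret and hides nothing: the document travels in the clear, and the signature only lets Pat check who produced it and that it was not altered.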