544 Chapter 9 • Basis of Cryptography
Figure 9.2 Digital Signature Verification Process
1. Sender creates a message and calculates a message hash.
   [Diagram labels: Sent Message, Sender's Hash]
2. Sender encrypts the message hash and attaches it to the message.
   [Diagram labels: Encryption, Sent Message, Sender's Hash]
3. Recipient calculates a message hash.
   [Diagram labels: Received Message, Recipient's Hash]
4. Recipient decrypts the sender's hash and verifies that it matches the
   hash calculated by the recipient. If they match, the message
   is said to have the properties of integrity and non-repudiation.
   [Diagram labels: Recipient's Hash, Sender's Hash]
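The four steps of Figure 9.2 as a runnable sketch (an added example, not from the book). It assumes textbook RSA over a SHA-256 hash with constructed toy keys built from Mersenne primes; all function and variable names are illustrative, and real systems use a padded scheme such as RSASSA-PSS from a vetted library.

```python
import hashlib

def make_key(p: int, q: int, e: int = 65537):
    """Return (n, e, d) for textbook RSA from two primes."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return n, e, d

# Constructed toy keys from Mersenne primes: trivially factorable, demo only.
SENDER_N, SENDER_E, SENDER_D = make_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_E, OTHER_D = make_key(2**127 - 1, 2**521 - 1)

def message_hash(message: bytes) -> int:
    """Steps 1 and 3: both sides compute the same hash over the message bytes."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int, n: int) -> int:
    """Step 2: transform the message hash with the sender's private key."""
    return pow(message_hash(message), d, n)

def verify(message: bytes, signature: int, e: int, n: int) -> bool:
    """Step 4: recover the sender's hash with the public key and compare."""
    if not 0 <= signature < n:  # reject values outside the key's range
        return False
    return pow(signature, e, n) == message_hash(message)

def demo():
    sent = b"Transfer 100 USD to account 12345"  # constructed sample message
    sig = sign(sent, SENDER_D, SENDER_N)
    # Unmodified message, checked with the sender's public key.
    genuine = verify(sent, sig, SENDER_E, SENDER_N)
    # Message altered in transit: the recipient's hash no longer matches.
    tampered = verify(b"Transfer 900 USD to account 12345", sig,
                      SENDER_E, SENDER_N)
    # Signature made with a different private key: fails under the sender's key.
    forged = verify(sent, sign(sent, OTHER_D, OTHER_N), SENDER_E, SENDER_N)
    return genuine, tampered, forged

if __name__ == "__main__":
    print(demo())
```

The check only holds if the recipient already has the sender's authentic public key; a key accepted from an unverified source gives no assurance about who signed.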
TEST DAY TIP
Digital signatures serve a similar purpose to physical signatures: identify
an individual by something that is cheap and easy to leave behind, yet
difficult to forge. Remember that a digitally scanned handwritten signature
is not the same as a digital signature in the cryptography or security
sense. You may also need to know that digital signatures are
considered legally binding in many states and countries.
MITM Attacks
Some types of asymmetric algorithms are immune to MITM attacks, which are only
successful the first time two people try to communicate. When a third party
intercepts the communications between the two trying to communicate, the attacker
uses his own credentials to impersonate each of the original communicators.
www.syngress.com