I'm going through Cryptography. I've some doubt in that. We use DigestMethod and SignatureMethod which use algorithms like SHA and RSA respectively. I'm not getting why we need two different algorithms for Digital Signature.
Thanks
Navin
Ulf Dittmer
SHA is a digest (or hash) algorithm, while RSA is an encryption algorithm; they do very different things.
So as per my understanding, using DigestMethod we calculate the Hash value and using SignatureMethod we encrypt that value to keep the hash value confidential. Please correct me if I am incorrect.
Thanks,
Navin
Ulf Dittmer
Not quite. A hash value does not need encryption - it is already cryptologically secure and can be transmitted in clear.
So as per my understanding, using DigestMethod we calculate the Hash value and using SignatureMethod we encrypt that value to keep the hash value confidential. Please correct me if I am incorrect.
Thanks,
Navin
Digital signatures are obtained using the techniques of public key cryptography, in which you have a public key that you give out to everybody and a private key that you must keep secret. To sign a message you must use your private key, and then the resulting signature can be verified by anybody using your public key.
It turns out that the established algorithms for public key cryptography are very, very expensive computationally, and the complexity is linear in the message length in both size and time. As an optimization in both, an alternative scheme was developed where the message to be signed is first digested and then the digest is signed rather than the original message. By contrast, digest algorithms such as SHA1 are much, much faster to compute and their result is always the same relatively small size (160 bits in the case of SHA1) no matter how long the original message.
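The digest-then-sign flow discussed in this thread, as an added example that is not part of any post above: the message is hashed to a fixed size (the DigestMethod step) and the private-key operation is applied only to that padded digest (the SignatureMethod step). It assumes SHA-256 in place of the SHA1 mentioned above, and a constructed, deliberately insecure toy RSA key so that it runs with the Python standard library alone; all function names are hypothetical.

```python
import hashlib

# Constructed toy key for illustration only: both primes are well-known
# Mersenne primes, so this modulus is trivially factorable. Never use it.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent
K = (N.bit_length() + 7) // 8            # modulus size in bytes

# ASN.1 DigestInfo prefix for SHA-256 (PKCS#1 v1.5, RFC 8017 section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def digest(message: bytes) -> bytes:
    """DigestMethod step: fixed 32-byte output for any input length."""
    return hashlib.sha256(message).digest()

def encode(h: bytes) -> int:
    """Pad the digest to the modulus size (EMSA-PKCS1-v1_5)."""
    t = SHA256_PREFIX + h
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(message: bytes) -> int:
    """SignatureMethod step: private-key operation on the padded digest."""
    return pow(encode(digest(message)), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Anyone holding (N, E) recomputes the digest and compares."""
    return pow(signature, E, N) == encode(digest(message))

def recovered_digest(signature: int) -> bytes:
    """The public key alone reveals the signed digest: it is not secret."""
    return pow(signature, E, N).to_bytes(K, "big")[-32:]

if __name__ == "__main__":
    msg = b"pay 100 to Alice" * 10_000        # constructed sample message
    sig = sign(msg)
    print(len(msg), "byte message ->", len(digest(msg)), "byte digest")
    print("valid:   ", verify(msg, sig))
    print("tampered:", verify(msg.replace(b"100", b"900", 1), sig))
    print("digest recoverable:", recovered_digest(sig) == digest(msg))
```

The private-key step gives the digest authenticity, not confidentiality: any holder of the public key can recover the digest from the signature, while only the private key holder can produce a signature that verifies.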