Digital Signature and Message Digest — Behind The Scene
Cryptography is a fascinating domain of CISSP. This is also the domain I found dull initially. However, after a few iterations of reading, I started enjoying it.
I want to write about a digital signature and message digest in this article.
Let’s start with a question.
Why do we create a message digest?
There are two reasons.
- To maintain the integrity of the message.
- To enforce non-repudiation.
The integrity of the message ensures that no tampering has been done while data is in transit. Non-repudiation ensures that the sender cannot deny that the message came from her.
We cannot achieve non-repudiation with symmetric cryptography.
What happens from a digital signature perspective when you send a plaintext message to the other end?
Let’s break the process to understand what happens behind the scene.
1. A hash algorithm such as SHA-2 is applied to our plaintext message. It creates a message digest (MD). The MD is a fixed-length output value that cannot be reversed.
2. The MD is encrypted with the sender's private key. This creates a digital signature.
3. The sender sends the plaintext message and the encrypted MD to the receiver.
4. The receiver decrypts the encrypted MD with the sender's public key. The receiver now has two things: the decrypted MD and the plaintext message.
5. The receiver also applies the SHA-2 hash algorithm to the plaintext message and creates an MD.
6. The receiver compares both MDs. If the values match, the message has not been tampered with. If the values don't match, the integrity of the message is compromised.
Using digital signatures, we can achieve integrity, authentication and non-repudiation, but not confidentiality.
Hang on! There is a way to achieve confidentiality using asymmetric encryption. Cryptography is a fascinating domain. Remember?
Let’s insert a few extra steps into the above process.
2.5 After step 2, encrypt the entire digital signature with the receiver’s public key.
3.5 The receiver decrypts the digital signature with her private key and continues to step 4.
And I just realized that I had to continue revising Domain 3, but I got carried away with writing this article.
You can check out my article on the beauty of public key cryptography, which explains the concept by establishing a friendship between Batman and Joker.