What’s the difference between a Digital Signature and a Public Key, aren’t they both the same thing?
As far as I’m aware, when I Sign an e-mail, it attaches a copy of my Public Key to the e-mail. This is why I believe that the Digital Signature and the Public Key are just Two names that mean the same thing… Please tell me if I am wrong.
Thanks.
P.S. Please hurry. I need this information for my Video Tutorial which is around 65% almost ready.
encrypt: Applying the public key with a mathematical formula to the argument
decrypt: Applying the secret key with a mathematical formula to the argument
While the left equation holds for any encryption, the right equation gives the possibility to digitally sign.
The public key is needed to verify the digital signature; this is the reason why it’s attached to every signed mail.
Basically a digital signature works the following way:
A checksum from the text you want to sign is calculated
The secret key is applied to the checksum (“encryption” with the secret key)
The encrypted checksum is added to the mail
To verify a signature:
Calculate the checksum from the text
Apply the public key to the attached encrypted checksum (look at the right equation)
Compare whether the checksums are equal
Then you know:
The owner of the secret key is the sender of the message, because he’s the only person who knows the secret key and therefore can encrypt the checksum with it.
The text wasn’t changed, because the checksums are equal and no other person can produce a secret-key-encrypted checksum after modifying the text
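The signing and verification steps from the answer above, carried through as an added Python example (not part of the original thread). It assumes textbook RSA with SHA-256 as the checksum and a constructed toy key; the names `checksum`, `sign` and `verify` are illustrative, and real mail signing (PGP, S/MIME) uses properly generated keys and a padding scheme.

```python
import hashlib

# Constructed toy key pair: two well-known Mersenne primes, chosen only so the
# example runs without a crypto library. Not a secure key, and no padding is used.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                                  # modulus, part of both keys
E = 65537                                  # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))          # secret exponent (Python 3.8+)

PUBLIC_KEY = (N, E)    # attached to the mail, identical for every message
SECRET_KEY = (N, D)    # never leaves the signer


def checksum(text: str) -> int:
    """The checksum (message digest) of the text, as an integer."""
    return int.from_bytes(hashlib.sha256(text.encode("utf-8")).digest(), "big")


def sign(text: str, key) -> int:
    """Apply a key to the checksum; with the secret key this is the signature."""
    n, exponent = key
    return pow(checksum(text), exponent, n)


def verify(text: str, signature: int, public_key) -> bool:
    """Apply the public key to the signature and compare with a fresh checksum."""
    n, e = public_key
    return pow(signature, e, n) == checksum(text)


if __name__ == "__main__":
    mail = "Meet at 10:00 on Friday."          # constructed sample text
    sig = sign(mail, SECRET_KEY)
    print("valid signature:      ", verify(mail, sig, PUBLIC_KEY))
    print("text modified:        ", verify(mail.replace("10", "11"), sig, PUBLIC_KEY))
    # Someone holding only the public key cannot produce a signature that verifies.
    print("made with public key: ", verify(mail, sign(mail, PUBLIC_KEY), PUBLIC_KEY))
    # The signature changes with every message; the public key never does.
    print("differs per message:  ", sign("Another mail.", SECRET_KEY) != sig)
```

The public key is one fixed value that travels with every mail, while the signature is a different number for each text, which is why the two are not the same thing.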
Thanks again Mike. Everything is crystal clear now! ;D :-TU
If anyone is having difficulty understanding this, please look at the diagram below and note that the ‘Encrypted Message Digest’ is the same thing that Mike called the ‘Encrypted Checksum’ (AKA, the ‘Digital Signature’)…