Signature file and digital certificate function of Android signature mechanism
The purpose of the Android signature mechanism is to ensure reliable communication for apps. First, the receiver needs to be sure that a message really comes from the party it claims to come from; second, the message must not be tampered with by a third party during transmission, or, if it is tampered with, the tampering must be detectable.

Digital signatures were created to solve these two problems. A digital signature is a concrete application of asymmetric encryption combined with message digest technology.

The sender of a message needs a pair of keys, a public key and a private key, and the public key must be given to the receiver of the message. When the sender wants to send a message to the receiver, what is sent must include not only the original message but also an additional piece of data. That data is generated in two steps:

1) Extract the message digest from the original message to be sent;

2) Encrypt the extracted message digest with the sender's own private key.

The data obtained through these two steps is the digital signature of the original message.

The receiver gets two parts: the original message content and the attached digital signature. The receiver verifies the authenticity of the message in three steps:

1) Extract the message digest from the original message. Note that the message digest algorithm used here must be the same as the one used by the sender;

2) Decrypt the attached digital signature with the public key obtained in advance;

3) Compare the two values obtained in the previous two steps. If they match, the message was indeed sent by the claimed sender and its content has not been tampered with; if they do not match, something went wrong during transmission and the message cannot be trusted.

Digital signature technology thus effectively solves the problem of reliable communication. If the original message is tampered with during transmission, the digest that the receiver extracts from the tampered message will differ from the original digest. Moreover, because the tamperer does not have the sender's private key, even if he can recalculate the digest of the tampered message, he cannot forge the digital signature.

So what is a digital signature?

To sum up, a digital signature is a string of digits that only the sender of the information can generate and that others cannot forge. This string is also effective proof of the authenticity of the information sent by the sender.

You may have noticed that the digital signature method described above has a premise: the receiver of the message must obtain the correct public key in advance. If the public key you hold was tampered with from the beginning, you will treat the bad guy as a good guy, and messages sent to you by the real sender will be regarded as invalid. Moreover, in many cases there is no channel at all for delivering public keys in advance. So how can the security and credibility of the public key be ensured? This is where digital certificates come in.
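The sender's two steps, the receiver's three steps, and the public-key premise just described, as an added example that is not part of the original article. It uses unpadded textbook RSA with SHA-256 purely to mirror the steps in the text (real schemes add padding), and the keys, sample message and function names are constructed for illustration.

```python
import hashlib

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA key from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(message: bytes) -> int:
    """Step 1 on both sides: extract the message digest (SHA-256 here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    """Sender step 2: 'encrypt' the digest with the private key."""
    n, d = private
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public) -> bool:
    """Receiver steps 2 and 3: 'decrypt' with the public key, then compare."""
    n, e = public
    return pow(signature, e, n) == digest(message)

# Constructed toy keys built from publicly known Mersenne primes; never use.
sender_pub, sender_priv = make_keypair(2**521 - 1, 2**607 - 1)
other_pub, other_priv = make_keypair(2**127 - 1, 2**1279 - 1)

def demo():
    msg = b"app-release.apk contents"  # constructed sample message
    sig = sign(msg, sender_priv)
    other_sig = sign(msg, other_priv)
    return {
        "genuine": verify(msg, sig, sender_pub),
        "tampered_message": verify(msg + b"!", sig, sender_pub),
        # Without the sender's private key, a valid signature cannot be produced.
        "signed_by_other_key": verify(msg, other_sig, sender_pub),
        # The premise: a receiver holding the wrong public key accepts the
        # other party's signature and rejects the real sender's.
        "wrong_key_accepts_other": verify(msg, other_sig, other_pub),
        "wrong_key_rejects_sender": verify(msg, sig, other_pub),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {ok}")
```

The last two results are the reason the receiver's copy of the public key has to be trustworthy in the first place.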

The so-called digital certificate generally includes the following contents:

Certificate issuer

Validity of the certificate

Public key of the message sender

Certificate owner (Subject)

Algorithm used for the digital signature

Digital signature

As you can see, a digital certificate itself uses digital signature technology; the content being signed is simply the message sender's public key plus some other information. Unlike an ordinary digital signature, however, the signer of a digital certificate is not just any ordinary institution but one with a certain credibility. It is like the signature on your college diploma, which generally belongs to a respected principal. Generally speaking, the root certificates of these trusted institutions are pre-installed on your device. A digital certificate can therefore guarantee that the public key it contains really belongs to the owner of the certificate; in other words, the certificate can be used to confirm the other party's identity. Digital certificates are mainly used to solve the problem of public key security.

To sum up, the general process of digital signing and signature verification is shown in the following figure:

Reference link: blogs.com/dacainiao/p/5842987.html