A digital signature is data attached to a data unit, or a cryptographic transformation of the data unit. This data or transformation allows the receiver of the data unit to confirm its source and integrity, and protects the data from forgery.
It is a method of signing an electronic message, and the signed message can be transmitted over a communication network. Digital signatures can be built on both public-key and private-key cryptosystems, but are mainly based on public-key cryptosystems. They include general digital signatures and special digital signatures.
Extended data:
Implementation method
Digital signature algorithms are implemented with public-key encryption technology. In public-key encryption, each user has a pair of keys: a public key and a private key. The public key can be released freely, but the private key is kept confidential. A further requirement is that the private key cannot be deduced from the public key.
A general digital signature scheme comprises three algorithms:
1. Key generation algorithm;
2. Signing algorithm;
3. Verification algorithm.
References:
Baidu Encyclopedia-Digital Signature
Briefly describe the principle of digital signature.
A digital signature has two functions. First, it establishes that the message was indeed signed by the sender, because others cannot forge the sender's signature. Second, it can determine the integrity of the message.
A digital signature represents the characteristics of the file: if the file changes, the value of the digital digest also changes, and different files produce different digests. A digital signature involves a hash function, the sender's public key and the sender's private key.
Digital signature technology encrypts the digest with the sender's private key and sends it to the receiver together with the original text. The receiver can decrypt the encrypted digest only by using the sender's public key, then uses the hash function to generate a digest of the received original text and compares it with the decrypted digest. If they are the same, the received information is complete and has not been modified during transmission; otherwise the information has been modified. This is how a digital signature verifies the integrity of the information.
What is the basic principle of digital signature?
A digital signature is an application of asymmetric key encryption technology and digital digest technology. It is a numeric string, derived from the electronic file and the identity of the sender, that can identify the sender and show whether the sent information has been tampered with.
Producing and checking the signature string involves the digital digest generated by hashing the electronic file (that is, the hash function value) and the sender's public and private keys.
A digital signature has two functions. First, it ensures that the message was indeed signed and sent by the sender. Second, it can determine whether the content of the data message has been tampered with, ensuring the integrity of the message. The basic workflow of a digital signature is as follows:
Sending (encryption)
1. When a user sends a digitally signed electronic file, the sender runs the electronic data file through a hash function to generate a data digest;
2. The sender encrypts the data digest with his own private key; the digest encrypted with the private key is the digital signature;
3. The digital signature and the message are sent to the receiver together.
Receiving (decryption)
1. The receiver first uses the same hash function as the sender to calculate the message digest from the received original message;
2. The receiver decrypts the digital signature attached to the message with the public key provided by the sender to obtain a digital digest;
3. If the two digests are identical, the receiver can confirm that the document content has not been tampered with.
4. The fact that the sender's public key can decrypt the digital signature proves that the digital signature was sent by the sender.
The above process can also be reversed: when the file receiver wants to reply, he can first generate a digital digest through the hash function, then encrypt the file with the public key, and the recipient decrypts it with the private key to view the digital digest of the file.
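The sending and receiving steps above, as an added example that is not part of the original page: textbook RSA applied to a SHA-256 digest, using only the Python standard library. The key pairs, the sample message and the function names are constructed for illustration; production systems use a vetted library and a padded scheme such as RSA-PSS.

```python
import hashlib
from math import gcd

def make_key(p: int, q: int, e: int = 65537):
    """Build a textbook RSA key pair (public, private) from two primes."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    n = p * q
    return (n, e), (n, pow(e, -1, phi))

# Constructed demo keys built from well-known Mersenne primes so the example
# is reproducible offline. They are NOT secure; real keys use random primes.
SENDER_PUB, SENDER_PRIV = make_key(2**521 - 1, 2**607 - 1)
_, OTHER_PRIV = make_key(2**607 - 1, 2**1279 - 1)   # a different signer

def digest_int(message: bytes) -> int:
    """Hash step used by both sides: SHA-256 digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """Sending step 2: apply the private key to the digest."""
    n, d = private_key
    return pow(digest_int(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiving steps 1-3: recompute the digest, recover the signed one, compare."""
    n, e = public_key
    if not 0 <= signature < n:          # reject out-of-range values early
        return False
    return pow(signature, e, n) == digest_int(message)

def demo() -> dict:
    msg = b"Transfer 100 to account 12345"      # constructed sample message
    sig = sign(msg, SENDER_PRIV)
    return {
        "genuine": verify(msg, sig, SENDER_PUB),
        "message_tampered": verify(msg.replace(b"100", b"900"), sig, SENDER_PUB),
        "signature_tampered": verify(msg, sig ^ 1, SENDER_PUB),
        "signed_by_other_key": verify(msg, sign(msg, OTHER_PRIV), SENDER_PUB),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:20} accepted={accepted}")
```

Only the first case is accepted: changing the message, changing the signature, or signing with a different private key each makes the two digests differ at the receiver.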
Hash function principle
A hash function, also known as a cryptographic hash function, is characterized by a forward output that is fixed for a given input and by being practically impossible to reverse, so it can be used to generate a digest of the data.
Forward output is easy, and the result is deterministic: it is very easy to calculate the hash value from the data, and any input produces an output with a specific hash value. The same input always gives the same result, but a slight change in the input data gives a completely different result.
A hash function cannot feasibly be inverted: it is extremely difficult to calculate the original data from a hash value, which is considered impossible under current scientific and technological conditions.
Having covered the digital signature, we also mention the concept of the digital certificate:
Digital certificate
Since the two parties communicating on the Internet may not know each other, they need a third party to introduce them. This is the role of a digital certificate. Digital certificates are issued by certificate authorities.
First of all, parties A and B must trust each other's certificates.
Then they can communicate, in a way similar to the digital signature above. The difference is that symmetric encryption is used for the data. This is because asymmetric encryption and decryption take much more time than symmetric encryption, so efficiency is low when the ciphertext is long. A key, however, is generally not particularly long, so applying the asymmetric encryption and decryption only to the symmetric key improves efficiency.