About digital signatures
What exactly are "digital signature" and "digital certificate"?
Ledger and electronic signature, a public ledger is a very simple payment system, the agreement looks like this, anyone can add a new line to the ledger, and settle accounts at regular intervals, but such a public ledger has a Question: Since anyone can add a new line, how can they trust these transactions? This touches on the first point of cryptography: electronic signatures (and it should be nearly impossible for someone else to forge his signature) At first glance, electronic signatures seem impossible, in the real world, your handwritten signature, regardless of It looks the same on any document, and in the virtual world, no matter what data the signature uses, the computer can read and copy it, so how can we avoid forgery?
It can be roughly guessed that to prevent others from using your signature in other places by copying, this requires your signature to be different each time, and this creates another problem, how do others know that this is your signature, and how? Can you know that the information you signed has not been changed?
A subtle way to solve these problems at the same time: everyone generates a "public-private key pair" (a string of bits), the "private key" is also called "key" written as sk, and the public key is written as pk, as the name suggests, the key is to be kept private by yourself, and the public key is public. You use your private key and information to generate a *digital signature, and the generated digital signature will change according to the change of the information, just slightly The signature corresponding to the following information will also become completely different. The function that generates the signature depends on the information itself and your private key. The private key determines that only you can give that signature, and the information can change the signature. This also solves the problem of preventing others from using your signature in other places by copying and preventing others from changing the data you signed (in either case, the information changes, and the corresponding digital signature also changes. , so it is not the same as the digital signature of the information you have confirmed).
*Note: The process of "generating" a digital signature with a private key and information here is achieved through a hash function, which will be mentioned later.
The problem has not been solved yet. Others don't know your private key, so how do they know that the digital signature you gave is given by your private key? The public key issued to confirm that the signer does have the private key.
This process is more complicated, and it is good to know for the time being that it can be done this way.
To sum up, the conditions that digital signatures need to meet:
1. The digital signature needs to prove that the information has been confirmed by the person himself.
2. To prevent others from using your signature in other places by copying.
3. To be able to know that the information you signed has not been changed.
The satisfactory method is to generate a matching private key and public key, put the private key and information as independent variables into the hash function to obtain a digital signature, and others can confirm that the signer has the private key through the public key.