Public key and private key, digital certificate

 

Article studied: http://www.youdzone.com/signature.html

In addition, it is a good habit to write some notes during the learning process.

The principles of public and private keys:

  1. A public key corresponds to a private key.
  2. In the key pair, what everyone knows is the public key, and what only you know is the private key.
  3. If data is encrypted with one of the keys, only the corresponding key can decrypt it.
  4. If the data can be decrypted with one of the keys, the data must be encrypted by the corresponding key.

Bob has a public key and a private key. He keeps the private key and distributes the public key to Pat and Susan.

Case 1: Susan writes a letter encrypted with Bob's public key and sends it to Bob

Susan wants to ask Bob out on a date, so she encrypts the letter with Bob's public key and sends it to Bob. The letter itself is encrypted. After Bob gets the encrypted file, he decrypts it with his private key to recover the letter's content. Only Bob owns the private key, so even if others obtain the ciphertext, they cannot learn the true content of the letter.

Case 2: Bob replies to Susan with a digital signature

Bob accepts Susan's dating request and decides to send Susan a digitally signed reply. The content of the reply can be seen by everyone. First Bob writes the letter and uses a hash function to form a digest of it, then encrypts the digest with his private key to produce a digital signature, attaches the signature to the letter, and sends it to Susan. After Susan receives the letter, how does she determine that it was sent by Bob? First, she decrypts the digital signature with Bob's public key to recover the digest; then she applies the hash function to the letter to form a digest herself and checks that it is the same as Bob's. Digital signatures can prevent content from being tampered with by others during transmission over the Internet.

Case 3: digital signature scam

Suppose case 2 develops like this: Doug has actually been in love with Susan for a long time. He learns that Susan has asked Bob out (by sneaking onto Bob's computer offline, or by catching a glance), and he decides to impersonate Bob and respond to Susan's invitation. First, Doug sneaks into Susan's system and replaces Bob's public key with his own; then he uses his own private key to sign a letter refusing the date and sends it to Susan in Bob's name. Susan thinks it was written by Bob, so she uses "Bob's" public key (which by now has been replaced with Doug's) to unlock the digital signature, and the verification passes. Susan concludes that it was Bob who rejected her. Doug has deceived Susan perfectly.

Case 4: digital certificate

Bob decides to have a digital certificate made for his public key, letting a third party hold the public key to guard against Doug's sabotage. He goes to a "certificate authority" (CA for short). The CA also has its own public key and private key. It encrypts Bob's public key together with Bob's information to make a digital certificate. Once Bob has this certificate, when he writes a letter to Susan he attaches not only the digital signature but also the digital certificate. After Susan gets the letter, she decrypts the digital certificate with the CA's public key to obtain Bob's public key, and then uses that key to unlock Bob's digital signature.
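Cases 2 to 4 as an added Python sketch (not code from the original article): textbook RSA with no padding, which mirrors the "encrypt the digest with the private key" description above; real signature schemes add padding and are exposed by libraries as sign/verify operations. The keys, letters, function names and the (name, key, signature) certificate layout are all assumptions constructed for illustration.

```python
import hashlib
E = 65537  # public exponent shared by all toy keys

def make_key(p, q):
    """Toy RSA key pair from two primes: ((e, n), (d, n))."""
    n = p * q
    return (E, n), (pow(E, -1, (p - 1) * (q - 1)), n)

def digest(data, n):
    # SHA-256 digest of the data, reduced to fit the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):
    d, n = private
    return pow(digest(data, n), d, n)  # "encrypt the digest with the private key"

def verify(data, signature, public):
    e, n = public
    return pow(signature, e, n) == digest(data, n)  # compare the two digests

def cert_body(name, public):
    return f"{name}|{public[0]}|{public[1]}".encode()

def check_letter(letter, sig, cert, ca_public):
    """Case 4: check the certificate with the CA key, then the letter with the certified key."""
    name, key, cert_sig = cert
    if name != "Bob" or not verify(cert_body(name, key), cert_sig, ca_public):
        return False
    return verify(letter, sig, key)

M = {k: 2**k - 1 for k in (61, 89, 107, 127, 521, 607)}  # Mersenne primes; toy keys only
bob_pub, bob_priv = make_key(M[61], M[89])
doug_pub, doug_priv = make_key(M[107], M[127])
ca_pub, ca_priv = make_key(M[521], M[607])
YES, NO = b"Yes, see you Friday. Bob", b"Sorry, I can't. Bob"  # constructed letters

def case2():  # genuine letter verifies; a tampered copy does not
    sig = sign(YES, bob_priv)
    return verify(YES, sig, bob_pub), verify(YES + b"!", sig, bob_pub)

def case3():  # Doug has replaced Bob's key in Susan's key store
    keystore = {"Bob": doug_pub}
    return verify(NO, sign(NO, doug_priv), keystore["Bob"])

def case4():  # only a certificate signed by the CA is accepted
    real = ("Bob", bob_pub, sign(cert_body("Bob", bob_pub), ca_priv))
    fake = ("Bob", doug_pub, sign(cert_body("Bob", doug_pub), doug_priv))
    return (check_letter(YES, sign(YES, bob_priv), real, ca_pub),
            check_letter(NO, sign(NO, doug_priv), fake, ca_pub))
```

The case 4 check still depends on Susan holding the genuine CA public key: the certificate moves her trust from a stored copy of Bob's key to the CA's key, so that key must come from a source Doug cannot alter.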
