Digital signature background
On August 28, 2004, the Eleventh Session of the Standing Committee of the Tenth National People's Congress passed the "Electronic Signature Law of the People's Republic of China", which came into effect on April 1, 2005.
A digital signature is the result obtained when the signer uses a private key to perform a cryptographic operation on the hash value of the data to be signed. The result can only be verified using the signer's public key, and it is used to confirm the integrity of the signed data, the authenticity of the signer's identity and the non-repudiation of the signing act. The purpose of a digital signature is to provide the function of a traditional paper signature or seal through network information security technology, confirming the true identity of the parties to a transaction and ensuring the security, authenticity and non-repudiation of the transaction. Digital signatures share the characteristics of handwritten signatures: they are credible, unforgeable, non-reusable, non-repudiable and unmodifiable. A digital signature should at least meet the following three conditions:
Non-repudiation: the signer cannot deny his signature afterwards;
Authenticity: the recipient can verify the signature, and no one else can forge the signature;
Authenticity: When there is a dispute between two parties about the authenticity of the signature, a third party can resolve the dispute between the two parties.
A digital signature is a digital string that only the sender of the message can produce and that cannot be forged by others. This string is also effective proof of the authenticity of the message sent by the sender. A digital signature scheme usually defines two complementary operations, one for signing and the other for verification.
A digital signature scheme generally consists of a signature verification algorithm, a signature key, and a signature verification key. The signature key is secret and held only by the signer, while the signature algorithm and verification key are public so that others can verify. Typical digital signature schemes include the RSA signature system, Rabin signature system, ElGamal signature system, DSS standard and SM2 signature system.
Principle of digital signature
A digital signature is a combined application of asymmetric encryption and message digest technology. The sender encrypts the digest H(M) of the communication content with the sender's private key, and then transmits the ciphertext together with the original text to the receiver. The receiver uses the sender's public key to decrypt the encrypted digest, then uses the same digest algorithm as the sender to generate a digest H'(M) of the received content and compares it with the decrypted digest H(M). If they are the same, the received content is complete and has not been tampered with by a third party during transmission; otherwise, the communication content has been modified by a third party.
A digital signature processes the information to be transmitted through a one-way function (hash function) to obtain a string that is used to authenticate the source of the information and to verify whether the information changed during transmission. The digital signature thus identifies the source of the information and can detect whether the information has been tampered with.
Digital signature process
Everyone has their own private key, which is kept secret from the outside world, and the information encrypted by the private key can only be decrypted by its corresponding public key. Therefore, the private key can represent the identity of the private key holder, and the identity of the private key owner can be verified through the public key corresponding to the private key.
A digital signature confirms that the message was signed and sent by its sender, because nobody else has the sender's private key and so nobody else can fake the sender's signature. Different contents have different digest information, so the digest algorithm ensures the integrity of the transmitted content: if the content is tampered with in transit, the value of the corresponding digital signature also changes.
The process of generating a digital signature:
Verification process of digital signature:
Examples are as follows:
Assuming that Alice wants to send an electronic contract document to Bob, Alice's signature steps are as follows:
Alice uses the Hash function to generate a message digest from the electronic contract file;
Alice uses her own private key to encrypt the message digest to form a digital signature;
Alice sends the electronic contract document and digital signature to Bob;
After Bob receives the electronic contract document and digital signature sent by Alice, in order to be sure that the electronic contract document is approved by Alice, the verification steps are as follows:
Bob uses the same Hash algorithm as Alice to calculate the message digest of the received electronic file;
Bob uses Alice's public key to decrypt the encrypted message digest from Alice and restore Alice's original message digest;
Bob compares the message digest he generated himself with the recovered message digest. If the two are the same, it means that the electronic contract document is from Alice; otherwise, it means that the electronic contract document has been modified.
Different combinations of digest algorithm and asymmetric encryption method give different digital signature algorithms.
Signature Verification Scheme
Option One:
The signer uses the public key cryptography algorithm and its own private key to encrypt the plaintext, generating signature data, which is the digital signature of the signer;
The signature verification party uses the public key cryptography algorithm and the public key of the signer to decrypt the signature data to obtain the original text.
Option Two:
Sender Alice: The sender uses a digest algorithm to generate a hash value (called a message digest) from the message; the sender uses the RSA algorithm (or another public key algorithm such as ElGamal, SM2, etc.) and its own private key to encrypt the hash value, generating signature data, which is the digital signature of the sender; the signature data is sent to the receiver together with the message, as an attachment of the message. The sender side involves: signer, original text, algorithm (Hash algorithm, public key algorithm), private key of the signer;
Receiver Bob: The receiver uses the same digest algorithm to calculate a hash value from the received original message; the receiver uses the RSA algorithm (or another public key algorithm such as ElGamal, SM2, etc.) and the sender's public key to decrypt the signature data attached to the message, obtaining the decrypted data; if the decrypted data is the same as the calculated hash value, the receiver can confirm that the message was signed by the sender. The receiver side involves: verifier, original text + signature, algorithm (Hash algorithm, public key algorithm), signer public key (digital certificate)
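The Alice and Bob steps above and Option Two, as an added example that is not code from the original page: hash-then-sign with SHA-256 and RSA, using the PKCS#1 v1.5 signature encoding and only the Python standard library. The key is a constructed toy built from two Mersenne primes so the run is reproducible; the function names and the sample contract are assumptions made for illustration.

```python
import hashlib

# Constructed toy key: two Mersenne primes, so the example runs offline and
# deterministically. Real keys use random primes generated by a vetted library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                              # public modulus (Alice's public key is N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known only to Alice

# DER DigestInfo header for SHA-256 (PKCS#1 v1.5, RFC 8017 section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def encode(digest: bytes, k: int) -> bytes:
    """Build the k-byte block 00 01 FF..FF 00 || DigestInfo || digest."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(message: bytes, d: int = D, n: int = N) -> bytes:
    """Alice: hash the document, then apply her private key to the digest."""
    k = (n.bit_length() + 7) // 8
    em = encode(hashlib.sha256(message).digest(), k)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def verify(message: bytes, signature: bytes, e: int = E, n: int = N) -> bool:
    """Bob: recover the encoded digest with Alice's public key and compare."""
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")            # "digest 1"
    expected = encode(hashlib.sha256(message).digest(), k)  # "digest 2"
    # Compare the whole block, padding included, rather than parsing it leniently.
    return recovered == expected


if __name__ == "__main__":
    contract = b"Constructed sample contract: Alice sells 10 units to Bob."
    sig = sign(contract)               # raw signature value only, no certificate
    print("original :", verify(contract, sig))
    print("tampered :", verify(contract + b" and 1000 more", sig))
```

The check only proves that the holder of the private key matching (N, E) signed the document; whether that public key really belongs to Alice is the certificate question the page raises later.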
Option Three:
Signer: signer, original text, algorithm (Hash algorithm, public key algorithm), private key of signer, certificate
Original text + Hash algorithm -> Digest 1
Digest 1 + private key + public key algorithm -> signature value
Certificate (public key)
Transmission: data + signature value + certificate
Signature verifier: signer, original text, signature, algorithm (Hash algorithm, public key algorithm), signer public key (certificate), root certificate
Has a root certificate
Sender certificate + certificate + signature verification process -> signature verification failed or passed
Certificate analysis -> public key (verify issuer, validity period, signature of root certificate, certificate revocation list)
Public key + public key cryptographic algorithm + signature value -> Digest 1
Original text + digest algorithm -> Digest 2
Digest 1 == Digest 2? Same: pass; different: fail
Passed, the data is sent by the certificate holder
Failed, data verification failed, invalid
Digital Signature Message Specification
PKCS#7, PKCS#1, P7b
Attached: P7 - contains the original text data, the signing certificate, and the signature value
Detached: P7 - contains the signing certificate and the signature value
Raw: P1 - contains the signature value
Digital Signature Security
Man-in-the-middle attack
Attacks on one-way hash functions
Using digital signatures to attack public key cryptography
Brute force to find the private key
Trying to do a prime factorization of RSA's N
Digital Signature Application
Security information bulletins
Software downloads
Public key certificates
SSL/TLS
Problems that digital signatures cannot solve
Unable to confirm the legitimacy of the public key: digital certificate
How to build a trusted digital signature chain? Who issues trusted digital certificates? PKI