mailing list archives
Re: Digital signature Question
From: Florian Streck <streck () papafloh de>
Date: Fri, 7 Nov 2003 00:30:46 +0100
On Thu, Nov 06, 2003 at 12:53:02PM -0600, Roger A. Grimes wrote:
It's that time of the month again, when I gain weight, retain water, and
feel stressed...it's time for me to bug the fine folks of this list with my
seemingly monthly question about public/private crypto stuff. I've asked a
few questions over the months and the excellent responses have been
overwhelming. I always get my answer (and enough wrong replies to make me
realize that I'm not the only one still trying to understand crypto even
after ten years in the security field). So, thanks in advance to anyone who
Main Question: When I hash a message to authenticate it, and then encrypt
the hash result with a private key to make a digital signature, is the
private key I'm using at that point (normally) a shared symmetric private
key or my private key from my private/public key pair?
I see many web sites (ex. www.whatis.com, and many others saying) that a
digital signature is made when the user uses their CA assigned private key
to encrypt the hash result. But my understanding has always been that
private/public key crypto exists mainly to transport the more secure shared
symmetric private key that does the original signing/encrypting.
First important fact is that symetric algorithms ( at least the ones in
use) are much faster than asymetric ones AFAIK.
If I want to sign a hash there is very little data to be signed so there
is not much time to be saved. That means there is no reason to use a
symetric key, that would have to be transported to the destination in a
secure way (asuming that I haven't sent my mailing partner a CD or
Floppy with the key) which would require to encrypt that key with the
public part of the asymetric key of my partner.
My conclusion, without knowing if it really is implemented that
way (but hoping): Signing is done with your private key from your
Another thing is encrypting mails. Since you might have a very long mail
it makes sense to use a fast algorithm, which means a symetric one.
Therefore you generate a key for that symetric algorithm, encrypt the
mail, and then, encrypt that symetric key with the public key of the
recipient. So the slow asymetric method is used on very little data.
Another effect is that you might want to send your encrypted mail to a group of
people and the additional work is just to encrypt that symetric key for
every recipient. This makes the process very fast compared to the
variant where you have to encrypt the mail with a different public key
for every recipient.
I hope I could help you with my answer. And if I got it wrong I hope
that there is a crypto-guru on this list to correct my errors.
FORTUNE'S RULES TO LIVE BY: #23
Don't cut off a police car when making an illegal U-turn.