
Digital Signature question

/usr Member Posts: 1,768
I feel dumb for asking this, but this CEH book has me confused.

I understood a digital signature to be as follows. You encrypt the hash of a message with your private key. The receiver performs the same hash on the message he receives, decrypts your hash, and compares the two.

The CEH material is fuzzy, but it appears they are saying the message is hashed WITH the private key. In which case, the receiver would not be able to obtain a hash which would match up.

Comments

  • Sturmbahn Member Posts: 11
    The message digest is encrypted with your private key and sent with the message. Your friend uses the same algorithm as you to create a message digest, decrypts your message digest using your public key, and then compares the two. This shows that your unique private key is a mate of the openly available public key and authenticates you to him. This prevents man-in-the-middle attacks because the private key is kept secret the entire time.
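
The two readings discussed in this thread, side by side, as an added example that is not part of either post: hash-then-sign with a public-key check, versus a hash keyed with the private value. The key is a constructed toy (textbook, unpadded RSA from two Mersenne primes) and the message and function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed toy key: textbook (unpadded) RSA built from two Mersenne primes.
# Illustration only; real signatures use a vetted library and padding (e.g. PSS).
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                    # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, known to the signer only


def digest_int(message: bytes) -> int:
    """Unkeyed SHA-256 of the message as an integer (anyone can compute this)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes) -> int:
    """Sender: hash the message, then transform the digest with the private key."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the digest with the public key, compare with own hash."""
    return pow(signature, E, N) == digest_int(message)


def keyed_hash(message: bytes, key: int) -> bytes:
    """The other reading: the key is mixed into the hash itself (an HMAC)."""
    key_bytes = key.to_bytes((key.bit_length() + 7) // 8, "big")
    return hmac.new(key_bytes, message, hashlib.sha256).digest()


def demo() -> dict:
    msg = b"wire 100 to account 42"            # constructed sample message
    sig = sign(msg)
    return {
        "valid": verify(msg, sig),
        "tampered": verify(b"wire 900 to account 42", sig),
        # With a keyed hash the receiver, holding only public values, cannot
        # reproduce the sender's tag, so there is nothing to compare against.
        "keyed_match": hmac.compare_digest(keyed_hash(msg, D), keyed_hash(msg, E)),
    }


if __name__ == "__main__":
    print(demo())
```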