Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 q: digital signature and hash function
jigsaw

KK

CJSDN高级会员


发贴: 3666
积分: 93
于 2005-03-19 02:39 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
谁能科普一下吗?
我对电子签名的机制感到不解。。。
那,一个电子签名是这样产生的(from user A to B):
A: original message = *msg*

*msg* ---> encrypt with B's public key ---> *encrypted msg*
----> hash(MD5 or SHA-1) ----> *compressed hash*
-----> encrypt with A's private key ----> *signature*

ok, now A send both *encrypted msg* AND *signature* to B.

B should check the signature (is it from A?) first:
1.*signature* ---> decrypt with A's public key ----> *decrypted sig*
2.*encrypted msg* ---> hash(should be the same as wot A used) ---> *compressed hash*
if the result *decrypted sig* and *compressed hash* are identical,
the B can make sure the message is from A.
after that, B can decrypt *encrypted msg* with B's private key.

--end

now the q:
i dont see why the hash process should be impossible to find collision.
if someone else, say, C, want to forge a message from A, C must know
the private key of A, othersie when B is trying to decrypt the *signature*
with A's public key, he will never get the correct result, is it?
the only thing the hash method do is to compress a long message to a string of given size, is it? why it(hash) must take the shoulder of encrypt since RSA
has already done a good job?
this q must be a silly one, but it has confused me for a long time...

thx

No one knows except both of us.
909090909090909090909090909090909090909090b8533ce76c8d6c241868968a0408c338b4ffbf
ISO/IEC 9899:1999
作者 Re:q: digital signature and hash function [Re:jigsaw]
menzy



版主


发贴: 754
积分: 113
于 2005-03-21 12:31 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
加密时不必要了,但是签名的主要作用是保证文件的不可否认性,即保证A不能否认他曾经发出过这个文件,这是电子商务合同订立的技术基础。
实际上还有更复杂的,比如说,
A-客户 B - 厂商 C- 银行
如果A购买B的货物,那么A必须向C发送支付请求,让C对B支付,同时把支付信息发送给B,这样B知道C一定会向B进行支付,从而可以可靠的对A发货。
那么,要求同一合同文本只在A/B之间传递,C不知道A购买的货物,而B不应当知道A在C的帐号,如何处理?
实际应用时很怪异的。


作者 Re:q: digital signature and hash function [Re:jigsaw]
jigsaw

KK

CJSDN高级会员


发贴: 3666
积分: 93
于 2005-03-22 10:41 user profilesend a private message to usersearch all posts byselect and copy to clipboard. ie only, sorry for netscape users:-)add this post to my favorite list
明白了。。。
也就是说用到了RSA的时候 hash就不那么重要了
谢谢~

No one knows except both of us.
909090909090909090909090909090909090909090b8533ce76c8d6c241868968a0408c338b4ffbf
ISO/IEC 9899:1999

flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2021 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号-1
客服电话 18559299278    客服信箱 714923@qq.com    客服QQ 714923