mohammadkh Just Arrived
Joined: 19 Oct 2008 Posts: 0
Posted: Sun Oct 19, 2008 9:18 am Post subject: Signature, Public Key and Thumbprint algorithm
Hi,
What is the role of the Signature, Public Key and Thumbprint algorithm in a digital certificate?
And practically, which one is used for signing a document?
Thanks.
Fire Ant Trusted SF Member
Joined: 27 Jun 2008 Posts: 3 Location: London
Posted: Sun Oct 19, 2008 5:11 pm
mohammadkh,
When signing a document you use none of those listed. You use your private key to sign an object. This can then be validated by external parties by using your public key from your certificate and the signature from our document. The public key is used for other people to encrypt data to you. The signature is the CN of the issuing certificate which has been encrypted to the issuer's private key which can be decrypted by the issuer's public. This proves who issued the certificate e.g. VeriSign. The thumbprint of the algorithm is just that.
The Key Usage attribute states what can be done with the certificate e.g. Encryption, Signing, S/MIME.
If you are interested in PKI I suggest reading Understanding PKI: Concepts, Standards, and Deployment Considerations by Carlisle Adams and Steve Lloyd.
Matt_s
Fire Ant Trusted SF Member
Joined: 27 Jun 2008 Posts: 3 Location: London
Posted: Sun Oct 19, 2008 7:30 pm
Sorry, a typo with regards to the signature in the certificate, I meant Subject DN not CN.
mohammadkh Just Arrived
Joined: 19 Oct 2008 Posts: 0
Posted: Tue Oct 21, 2008 1:04 pm
Thanks for your answer,
I must correct my question:
What is the role of the Public Key algorithm (I'm talking about the Public Key referred to by the PublicKey field of the Windows certificate manager) in signing documents?
The steps for signing a document, in technical terms, are: first, generate the message digest (called hashing); second, encrypt the message digest with the private key. The result is the digital signature, and this result is appended to the document.
Which symmetric key cryptography algorithm is used in encrypting this message digest?
Thanks.
Fire Ant Trusted SF Member
Joined: 27 Jun 2008 Posts: 3 Location: London
Posted: Tue Oct 21, 2008 6:57 pm
mohammadkh,
There is no Symmetric key used when signing an object. The Signature Algorithm in the certificate states which Hashing algorithm is used and which Asymmetric Algorithm is used to encrypt the Hash. For example a certificate would have the Signature Algorithm attribute state sha1RSA, this means that any object signed using that certificate will have the data hashed with SHA1 then encrypted with the certificate's private key using RSA.
Be aware that to sign an object you must have the Signing attribute set in the Key Usages attribute. The Key Usages attribute states what you can use the certificate for e.g. Key Encipherment, Non-Repudiation, Signing etc.
Matt_s
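
The hash-then-sign flow discussed in this thread, as an added example that is not part of any post: the message is hashed, the hash is padded per PKCS #1 v1.5 and transformed with the RSA private key, and anyone holding the public key can check the result, with no symmetric key involved. The key is a constructed demo key built from two known Mersenne primes, and the function names (`encode`, `sign`, `verify`) are hypothetical.

```python
import hashlib

# Constructed demo key: two Mersenne primes, so the private key is trivially
# recoverable. It exists only to make this illustration deterministic.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key: modulus and exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes

# DER DigestInfo prefixes from PKCS #1 v1.5 (RFC 8017, section 9.2)
DIGEST_INFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}

def encode(message: bytes, hash_name: str) -> int:
    """Hash the message and wrap the digest in EMSA-PKCS1-v1_5 padding."""
    t = DIGEST_INFO[hash_name] + hashlib.new(hash_name, message).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(message: bytes, hash_name: str = "sha1") -> bytes:
    """Apply the RSA private-key operation to the encoded digest."""
    return pow(encode(message, hash_name), D, N).to_bytes(K, "big")

def verify(message: bytes, signature: bytes, hash_name: str = "sha1") -> bool:
    """Check a signature using only the public key (N, E)."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    # Recover the encoded digest with the public exponent and compare it
    # with one recomputed from the received message.
    return pow(s, E, N) == encode(message, hash_name)

if __name__ == "__main__":
    doc = b"constructed sample document"
    sig = sign(doc)                         # "sha1RSA": SHA-1, then RSA
    print("original verifies:", verify(doc, sig))
    print("modified verifies:", verify(doc + b"!", sig))
```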