3

I am newbie in information security I am trying to understand the difference between a digital signature and encryption of a message.

Lets consider simple example of email message.

I understand how each of methods works, but don't understand the real value of using one instead of another.

There are two parties anyway. For example Bob and Alice. Bob has generated a key pair (public + private).

  1. Asymmetric encryption - message is encrypted by sender that has private key. Bob encrypts message with its private key, sends it to Alice, Alice as well as anyone else has access to Bob's public key, so Alice can decrypt and read message as well as encrypt an answer with Bob's public key and send it back.

    a) Anyone can intercept communication and read Bob's message, but no one can encrypt new message and send it to Alice, because message can be only encrypted with private key.

    b) Message integrity is obvious

  2. Digital Signature Bobs calculates hash of plain text message, encrypts this hash with its private key and sends plain text message with a chunk of data called digital signature to Alice. Alice receives message, decrypts signature with Bob's public key, verifies if received message produces the same hash as was stored inside signature.

    a) Anyone can modify message, but hash calculated by Alice won't be the same. Anyone can intercept and send its own message, but Alice is waiting for message from Bob and will try to decrypt signature with Bobs public key. b) Message integrity also obvious.

I don't understand a big difference between these two methods, I mean what is the value of each. In both methods we are using asymmetric encryption. Each method provides message integrity.

Please explain what is the main difference between these ways of encrypting data?

Anders
  • 64,406
  • 24
  • 178
  • 215
CROSP
  • 155
  • 1
  • 6
  • 1
    Encrypting a hash of a file [does not form a signature](http://security.stackexchange.com/a/68836/49075). ​ See [this answer](http://crypto.stackexchange.com/q/14875/991). ​ ​ –  May 01 '16 at 17:40
  • 1
    Although creating a signature from a hash is an encryption-like operation, you shouldn't refer to it as such. Private keys are used to **decrypt**, not to **encrypt**; you use a public key to encrypt. The actual term for the operation that produces a signature is simply to **sign**; you use a private key to **sign**, and a public key to **verify**. – CBHacking May 02 '16 at 05:05

1 Answers1

4

You have got that wrong, at least the encryption.

Asymmetric Encryption is done using public key of the receiver. Therefore it provides Secrecy (nobody without private key can not read the message). But it does not provide Integrity -- anyone can encrypt any message and send it to you with your public key.

Wikipedia is a good friend:

t

Digital signature works the other way round (as you describe). It does not have to be a hash. It provides Integrity itself, but also Authentication (you know who was the author of the signature -- you are the only one with that private key).

Jakuje
  • 5,229
  • 16
  • 31
  • 3
    Worth noting here: asymmetric encryption is extremely slow, so the actual data of the message is encrypted using a randomly-generated *shared key* for a **symmetric cipher** (something like AES, 3DES, or Blowfish), and only that random symmetric key is actually encrypted using the recipient's public key. This allows decrypting megabytes of message+attachments in seconds, rather than hours. – CBHacking May 02 '16 at 05:13
  • 2
    Similarly, I believe digital signatures of entire messages could be created, but it would be very slow to create and verify them. By using a cryptographic hash function (which is very fast), it's possible to produce a string that can be signed and then verified in seconds or less. – CBHacking May 02 '16 at 05:16
  • But we can use private key for encryption and public for decryption because `d` and `e` numbers are congruent (if I used this term correctly), so any data encrypted with one key can be decrypted with another one. All in all the difference is that we are using private key for signature and public for verification. Also signature saves data because hash produced by some function is shorter than whole message. Simple asymmetric encryption is vice versa (public/private key). Am I right ? – CROSP May 02 '16 at 15:04
  • @Jakuje, Thanks, I have just updated my comment, please have a look – CROSP May 02 '16 at 15:07
  • 1
    @CROSP Yes. It makes sense. – Jakuje May 02 '16 at 15:10