HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > Chapter 2 Overview of SSLDigital Signatures
Encryption and decryption address the problem of eavesdropping. However, tampering and impersonation are still possible. Public key cryptography addresses the problem of tampering using a mathematical function called a one-way hash function (also called a message digest function or algorithm). A one-way hash is a fixed-length number whose value is unique to the data being hashed. Any change in the data, even deleting or altering a single character, results in a different value. For all practical purposes, the content of the hashed data cannot be deduced from the hash, which is why it is called "one-way." This principle is the crucial part of digitally signing any data. Instead of encrypting the data itself, the signing software creates a one-way hash of the data, then uses your private key to encrypt the hash. The encrypted hash, along with other information, such as the hashing algorithm, is known as a digital signature. |