0

Hello, I have clear the process to sign a document. You need a certificate made by a CA. You have a public and private key. With the private you sign and with the public the people open your signed document. When you sign a document a math algoritm process the file and then generate a hash, later with the private key this hash is encrypted. Finally I need to add (concat) this encrypted hash to the document.

Now, to open this document I need to separate the encrypt hash code from the document. And I need the public key to verify the validity of the document. This is very clear for me.

So.. The questions is... From where the people get the public key??? And how I check who sign the document??

Do I need to append my certificate to the document that I want to sing?? If It's true. Is that not insecure??? give my certificate to everyone??

thanks,

3
Contributors
4
Replies
5
Views
6 Years
Discussion Span
Last Post by Rashakil Fol
0

You do not need a authorized certificate, though you may use it if you prefer. What the Certificate Authority does is "guarantee" that you are who you say you are. That guarantee can be via a public key associated with your certificate.

Where do people get the public key? You get it (possibly indirectly) from the sender. This does two things: First, it allows you to decrypt the signed document. Second, because it does allow you to decrypt, you know that it did indeed come from the sender who gave you the key. Of these, the second is usually considered the more important (if you are trying to do private communication as opposed to signed, then the techniques for handling the keys are somewhat more difficult).

how do I check who signed the document? See the previous answer.

Is it not insecure to give away my certificate to the recipient?. You don't give the certificate. You give a public key associated with it.

Here's a reasonable article http://en.wikipedia.org/wiki/Certificate_authority

0

Where do people get the public key? You get it (possibly indirectly) from the sender. This does two things: First, it allows you to decrypt the signed document. Second, because it does allow you to decrypt, you know that it did indeed come from the sender who gave you the key.

Nobody said anything about encrypting the document.

Is it not insecure to give away my certificate to the recipient?. You don't give the certificate. You give a public key associated with it.

Uh, no, you give the public key certificate.

0

Semantic quibbles are silly. You give a public key that is associated with your private key. Who holds the private key is relevant only as to trust issues (it should be the sender or someone the sender fully trusts). How the receiver gets the public key is relevant to trust, but otherwise unimportant. Whether the whole message is encrypted or only a "signature" part is irrelevant. Certificate Authorities make a business out of being a trustworthy purveyor of public keys, but the verification that the sender knows the private key associated with the public one is done by the receiver. If you want to call the public key a "public key certificate" that's fine with me, but it is the same thing by any name.

To be more specific: If the whole document is not encrypted, then the signature has to be "locked" by the private key and by the contents of the message. "Unlocking" the signature then verifies that the private key was owned by the actual sender and that the message has not been altered during its journey. If the whole document is encrypted, then the fact that the public key decrypts it is proof of both the sender's bona fides and that the message has been unaltered.

If the sender gives you both the key and the message via the same channel, you have some doubt about whether the sender is who they say they are. If you get the key from a CA, then you can trust the sender as much as you trust the CA... which is why they spend the effort to be clearly non-corruptible. If you get the public key via some other channel than the message, maybe by phoning your sender and asking for (him) to read it aloud, then the CA is not needed to verify the sender's identity, and you can use the public key to prove (to the degree that you trust the channel) that your sender was the actual author. See, for instance Pretty Good Privacy.

Edited by griswolf: clarify "channel"

1

Semantic quibbles are silly.

No, when you say wrong things, like "you don't give the certificate," then you're wrong. Deal with it. Making secure systems is hard enough without people wantonly guessing the meaning of terminology.

You give a public key that is associated with your private key. Who holds the private key is relevant only as to trust issues (it should be the sender or someone the sender fully trusts). How the receiver gets the public key is relevant to trust, but otherwise unimportant. Whether the whole message is encrypted or only a "signature" part is irrelevant.

It is relevant, because then you're doing different things. If you encrypt the message, then the message is secret. If you don't, then the message is not secret. What does that have to do with authentication? Nothing. Authentication is a different idea than encryption, and needs to be identified as such.

To be more specific: If the whole document is not encrypted, then the signature has to be "locked" by the private key and by the contents of the message. "Unlocking" the signature then verifies that the private key was owned by the actual sender and that the message has not been altered during its journey. If the whole document is encrypted, then the fact that the public key decrypts it is proof of both the sender's bona fides and that the message has been unaltered.

Nope. This is wrong, and it's talking about stuff that doesn't happen. One does not encrypt documents using a private key, so that somebody else may decrypt it with the public key. That would be worthless -- everybody has the public key, so there would be no secrecy gained by encryption.

Also, you're wrong because encryption is not authentication. Encrypted documents also have signatures, and that's what serves as proof that the message was unaltered. The authentication step happens automatically.

If the sender gives you both the key and the message via the same channel, you have some doubt about whether the sender is who they say they are. If you get the key from a CA, then you can trust the sender as much as you trust the CA... which is why they spend the effort to be clearly non-corruptible.

Nope. The sender sends you the certificate. Your browser can look at the certificate and see that it has been signed by a CA that the browser trusts. You don't "get the [sender's certificate] from the CA."

Also, I have to lol at your implication that CA's seem non-corruptible.

If you get the public key via some other channel than the message, maybe by phoning your sender and asking for (him) to read it aloud, then the CA is not needed to verify the sender's identity, and you can use the public key to prove (to the degree that you trust the channel) that your sender was the actual author.

Yes. Though, really, you'd want the sender to read the key's fingerprint, not the key itself.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.