
Cyber Security Interview Prep. Q4: "Digital Signatures"

  • mahfuz3895
  • Sep 27, 2021
  • 2 min read

Category: Security

"How can cryptography be used to create a digital signature for non-repudiation?"


My answer:

First of all, non-repudiation means being certain of the sender of something, so that the sender cannot later deny having sent it. The question is therefore essentially asking how one can be sure that the sender of a document is who they say they are.

Asymmetric encryption can be used to create a unique string that is attached to the document being sent. The sender applies their own private key to a hash of the document they are sending; the resulting string is the digital signature, which the recipient then uses to prove the identity of the sender. The recipient does this by applying the sender's public key to the digital signature and comparing the output with the hash of the plain-text document they received. If the hash recovered from the digital signature and the hash of the plain-text match, the sender is who they say they are (or at least holds the sender's private key).


This is simplified somewhat; the steps below shed more light on the process:


1) We start with an asymmetric encryption key pair. Someone wants to send a digitally signed document. The sender in this example holds the private key, and the public key is widely available.


2) The cleartext document that is going to be sent is hashed. That hash is then encrypted with the private key; the result is the digital signature. The sender sends the clear document and the digital signature to the recipient.


3) The recipient receives the document and the signature. They use the public key to decrypt the signature and are left with just a hash. If they then apply the same hashing algorithm to the clear-text document and find that the hash of the document and the decrypted digital signature are the same, they can be sure that the document was sent by the expected person, because nobody other than the holder of the private key could have produced that encrypted hash.

4) If you're confused, think about trying to forge the digital signature. How would you go about it? You don't have the sender's private key, so you can't encrypt the hash correctly. If you encrypt it with some other key instead, then when the recipient receives the document with the digital signature they will decrypt it with the legitimate sender's public key, pass the clear text through the agreed hash, and compare the two hashes. They will find that the hashes do not match, so the sender did not have the private key.
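The four steps above as a toy Python implementation, added here as an illustration and not part of the original post. It uses textbook RSA over two fixed Mersenne primes (constructed, far too small to be secure) and SHA-256 as the agreed hash, keeping the "encrypt the hash with the private key" framing of the steps (which describes RSA specifically; production libraries add padding and use dedicated signing APIs). It also works through step 4: a signature produced with some other key, and a tampered document, both fail verification.

```python
import hashlib

def make_keypair(p: int, q: int, e: int = 65537):
    """Step 1: build an RSA key pair from two primes. Returns (public, private)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return (n, e), (n, d)

def reduced_hash(document: bytes, n: int) -> int:
    """Hash the cleartext with SHA-256 and fold it into the modulus range."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n

def sign(document: bytes, private_key) -> int:
    """Step 2: 'encrypt' the hash with the private key; the result is the signature."""
    n, d = private_key
    return pow(reduced_hash(document, n), d, n)

def verify(document: bytes, signature: int, public_key) -> bool:
    """Step 3: 'decrypt' the signature with the public key and compare hashes."""
    n, e = public_key
    recovered_hash = pow(signature, e, n)
    return recovered_hash == reduced_hash(document, n)

# Constructed toy keys built from known Mersenne primes; far too small for real use.
SENDER_PUBLIC, SENDER_PRIVATE = make_keypair(2**31 - 1, 2**61 - 1)
FORGER_PUBLIC, FORGER_PRIVATE = make_keypair(2**89 - 1, 2**107 - 1)

DOCUMENT = b"Transfer 100 units to account 42."  # constructed sample document
SIGNATURE = sign(DOCUMENT, SENDER_PRIVATE)

# Step 4: someone without the sender's private key signs with a different key.
FORGED_SIGNATURE = sign(DOCUMENT, FORGER_PRIVATE)

def demo() -> dict:
    """Run the recipient's check against a genuine, a forged, and a tampered case."""
    return {
        "genuine": verify(DOCUMENT, SIGNATURE, SENDER_PUBLIC),               # True
        "wrong_key": verify(DOCUMENT, FORGED_SIGNATURE, SENDER_PUBLIC),      # False
        "tampered_doc": verify(DOCUMENT + b"0", SIGNATURE, SENDER_PUBLIC),  # False
    }

if __name__ == "__main__":
    print(demo())
```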




©2020 by Breakthrough Tactics
