Recently the topic of spam came up in one of the meetings of the PMUG. Someone suggested that digital signatures were one solution to the problem of spam, but there was no clear understanding of digital signatures and how they help with the spam problem. I intend to write a concise but easily understood series of articles on digital signatures, email encryption, and how to use them on Mac OS X (with Mail.app).
What is a digital signature?
According to Wikipedia:
A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a handwritten signature on paper.
Digital signatures are one component of what is called a public key infrastructure (PKI). PKI provides mechanisms and processes for ensuring the confidentiality and integrity of digital information. It allows someone to prove his/her online identity and to show that documents and communications (e.g. email and banking transactions) haven’t been tampered with.
How does it work?
The science behind PKI involves some very complicated math. It involves finding the factors of very long prime numbers. These factors are used to create two keys, one private and one public. The private key is kept strictly confidential and is not shared with anyone, while the public key is distributed widely. Messages encoded with the private key can only be decoded with the corresponding public key, and messages encoded with the public key can only be decoded with the private key.
How is this useful for digital signing?
The idea is to take a piece of digital data and, using a mathematical algorithm, compute a large number called a hash – a small digital “fingerprint” made from any kind of data. The hashing function should create a unique hash for any particular piece of data. If the data changes then the hash will also change and we will know that the data has been tampered with.
To digitally sign a document, we compute the hash of the document and then encode the hash using a private key. Since the hash was encoded with the private key, it can only be decoded with the corresponding public key. To verify that the document (e.g. an email message) came from that user, simply decode the hash using the widely known public key, compute a new hash from the received document, and compare it against the hash that was sent. If the hashes do not match, we know that the document was tampered with. We know who sent the message because only that user has the private key used to encode the hash.
How do I know the person sending the message is the person sending the message?
How do I know that the doctor is really a doctor? That the lawyer really knows the law? In the end, everything in security boils down to trust … but verify. In the real world we have authorities that certify that the doctors and lawyers (teachers, etc.) know what they are doing. The doctor or lawyer has been issued a license (certificate) to practice their craft. In a similar way, PKI has the concept of a Certificate Authority (CA).
The user securely creates a private key and the CA signs the user's public key with its own private key. This places the CA's stamp of approval on the user's digital certificate. The system is very heavily dependent on the trust placed in the CA. If the private key of the CA is compromised, the entire PKI system is at risk, since anyone could use that private key to create digital certificates. Similarly, if the user loses his/her private key, then anyone could digitally impersonate that user.
How does it all work together?
- A and B want to exchange a confidential message. A creates a message and encodes the message (and the message hash) using B’s public key. B receives the message and decodes it using his/her confidential private key. B is the only one who can decode the message because B has the private key.
- A wants to send B a (non-confidential) message, but B wants assurance that the message did come from A. A creates a message and encodes the hash of the message using her private key. B receives the message and decodes the hash using A’s public key. B knows the message came from A because only A has the private key to encode the hash.
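The hash-then-sign steps from "How is this useful for digital signing?" and the second scenario above, as an added example that is not part of the original article. It uses textbook RSA without padding and constructed demo keys built from publicly known primes; the names `make_key`, `sign`, `verify` and `demo` are hypothetical, and real mail signing relies on a vetted library with a padding scheme.

```python
import hashlib

# Constructed demo keys built from well-known Mersenne primes: anyone can
# recompute them, so they illustrate the mechanics and protect nothing.
E = 65537  # public exponent shared by both demo key pairs


def make_key(p, q):
    """Return (modulus n, private exponent d) for the primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


A_N, A_D = make_key(2**521 - 1, 2**607 - 1)    # A's key pair
X_N, X_D = make_key(2**521 - 1, 2**1279 - 1)   # an impostor's key pair


def digest(message: bytes) -> int:
    """SHA-256 fingerprint of the message, as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int, n: int) -> int:
    """Sender: encode the message hash with the private key (d, n)."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, n: int) -> bool:
    """Receiver: decode the signed hash with the public key (E, n) and
    compare it with a hash computed from the message that arrived."""
    return pow(signature, E, n) == digest(message)


def demo() -> dict:
    mail = b"Meeting moved to 7pm. -- A"       # constructed sample message
    sig = sign(mail, A_D, A_N)
    return {
        # Untouched message, checked against A's public key.
        "genuine": verify(mail, sig, A_N),
        # Same signature, but the body was altered in transit.
        "tampered": verify(mail.replace(b"7pm", b"9pm"), sig, A_N),
        # Signed with someone else's private key, claimed to be from A.
        "impostor": verify(mail, sign(mail, X_D, X_N), A_N),
    }


if __name__ == "__main__":
    print(demo())
```

Only the first check succeeds: a changed body produces a different hash, and a signature made with any other private key does not decode to the right hash under A's public key.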
What’s Next?
In my next article I plan to show how to use digital certificates and digital signatures to make your email more secure.
References:
- Public-key encryption for dummies, Mike Rothman, Network World, 05/17/99, http://www.networkworld.com/news/64452_05-17-1999.html
- Digital signature, Wikipedia, http://en.wikipedia.org/wiki/Digital_signature#Definition
- Cryptographic hash function, Wikipedia, http://en.wikipedia.org/wiki/Cryptographic_hash_function
- What is PKI?, SearchSecurity.com, 10 Oct 2006, Jim Brayton, Andrea Finneman, Nathan Turajski, and Scott Wiltsey, http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci214299,00.html
Hi Khurt,
Finally, a really clear explanation of Certificates. Two quick points:
1. Is our Blog software capable of turning a URL into a hyperlink (i.e. the above references aren’t hyperlinks)?
2. Can anyone add to the Blog? Or can only members (and how can they add)?
– Alan
@Alan Fox, Yes, the link URLs should have been hyperlinks. I’ll fix that. There are different roles in WordPress. The default is subscriber. If a member wants another role we can do that as well. Here is a summary of the roles.
Administrator – Somebody who has access to all the administration features
Editor – Somebody who can publish posts, manage posts as well as manage other people’s posts, etc.
Author – Somebody who can publish and manage their own posts
Contributor – Somebody who can write and manage their posts but not publish posts
Subscriber – Somebody who can read comments/comment/receive newsletters, etc.
@Alan Fox, There was quite a bit of comment spam ( over 100 ) so I changed the blog setting. Commenters will not be required to register to comment.
Hi Khurt,
I hadn’t registered earlier, so I’m guessing my original comments never made it.
First off – great job on certificates! Finally a clear explanation.
Next – I’m guessing the Blog software didn’t let you turn the URLs above into hyperlinks. Can that be changed?
Finally, are we letting anyone post? Perhaps a FAQ would help in who and how one can add to the Blog.
Thanks again for a superb job!
– Alan
@Quisp430, The site now has a blog posting FAQ. I appreciate the feedback. Let me know how else I can help.