ietf-mailsig
[Top] [All Lists]

RE: signatures and keys -- what can one know

2004-09-22 10:37:21

From: Miles Libbey
Sent: Wednesday, September 22, 2004 9:47 AM



Hey folks-
Given a private key, its coresponding public key, and a digital
signature (but no content), can one prove the signature was generated
using the private key?  If so, which combinations of the above can
prove it?

I don't believe so.  The signature is created by performing a series of
mathematical functions on the data using the private key.  The corresponding
operation at the recipient is to perform a series of mathematical operations
on the data and the signature using the public key and looking for a known
result.  So to answer your question, the recipient needs the same data that
the sender signed, the signature and the public key to validate, or prove
invalid, the data and signature.

--

Seth Goodman


<Prev in Thread] Current Thread [Next in Thread>