ietf-mailsig

RE: signatures and keys -- what can one know

2004-09-23 07:34:49

Seth Goodman writes:

From: Miles Libbey
Sent: Wednesday, September 22, 2004 9:47 AM



Hey folks-
Given a private key, its corresponding public key, and a digital
signature (but no content), can one prove the signature was generated
using the private key?  If so, which combinations of the above can
prove it?

I don't believe so.  The signature is created by performing a series of
mathematical functions on the data using the private key.  The corresponding
operation at the recipient is to perform a series of mathematical operations
on the data and the signature using the public key and looking for a known
result.  So to answer your question, the recipient needs the same data that
the sender signed, the signature and the public key to validate, or prove
invalid, the data and signature.

More to the point, an RSA signature is nothing more than an
encryption using the private key. What you encrypt is rather
up to you, and in the case of a signature it's a one way
hash of some dataset that the verifier can also run when it
receives the message. So I'd say that it's sort of
definitional that if you don't have a hash, or the hash is
of the null dataset, it isn't a "signature".

        Mike
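The point both replies make (an RSA signature is the hash of the data "encrypted" with the private key, and the verifier can only check it by re-hashing the data it actually received) is easy to see in textbook RSA. The following is an added, self-contained illustration written for this archive page; it is not code from any of the posters, and it uses constructed toy parameters (two Mersenne primes, SHA-224 chosen so the digest fits below the modulus, no PKCS#1 padding), which are far too weak for real use. `recover_hash` shows what someone holding only the signature and the public key can compute: the bare hash value, which says nothing about what data was signed until the data is supplied to `verify`.

```python
import hashlib

# Constructed toy key: two Mersenne primes (assumption for illustration only;
# real RSA uses random primes of 1024+ bits and a padding scheme).
P = (1 << 127) - 1
Q = (1 << 107) - 1
N = P * Q                      # public modulus, a little over 2^232
E = 65537                      # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent


def digest_int(data: bytes) -> int:
    """One-way hash of the dataset as an integer; SHA-224 (< 2^224) fits below N."""
    return int.from_bytes(hashlib.sha224(data).digest(), "big")


def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Signer: hash the data, then 'encrypt' the hash with the private key."""
    return pow(digest_int(data), d, n)


def recover_hash(signature: int, e: int = E, n: int = N) -> int:
    """Anyone with the public key can 'decrypt' the signature back to the hash.

    This needs no data at all, but the result is just a number: without the
    dataset it cannot be checked against anything.
    """
    return pow(signature, e, n)


def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verifier: re-hash the data it received and compare with the recovered hash."""
    return recover_hash(signature, e, n) == digest_int(data)


if __name__ == "__main__":
    message = b"constructed sample message"      # constructed input
    sig = sign(message)
    print("hash recovered from signature alone:", hex(recover_hash(sig)))
    print("verifies with the original data:    ", verify(message, sig))
    print("verifies with altered data:         ", verify(message + b"!", sig))
```

Running it shows that `recover_hash` yields the same integer as `digest_int(message)`, yet `verify` can only return a verdict once the data is present; change a single byte and the check fails.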

