
Digital Signatures 



Encryption and decryption address the problem of eavesdropping. However, tampering and impersonation are still possible.

Public key cryptography addresses the problem of tampering using a mathematical function called a one-way hash function (also called a message digest function or algorithm). A one-way hash is a fixed-length number whose value is unique to the data being hashed. Any change in the data, even deleting or altering a single character, results in a different value.

For all practical purposes, the content of the hashed data cannot be deduced from the hash, which is why it is called "one-way."

This principle is the crucial part of digitally signing any data. Instead of encrypting the data itself, the signing software creates a one-way hash of the data, then uses your private key to encrypt the hash. The encrypted hash, along with other information, such as the hashing algorithm, is known as a digital signature.
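The hash-then-sign flow described above, as an added example that is not part of the original documentation. It uses textbook RSA without the padding that production signature schemes apply, and a constructed toy key; the names sign, verify and ALLOWED_HASHES are illustrative assumptions.

```python
import hashlib

# Constructed toy RSA key built from two well-known Mersenne primes so the
# example runs with the standard library only. The factors are public
# knowledge, so this key is for demonstration and must not protect real data.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

# The verifier decides which hash algorithms it accepts; it does not simply
# trust whatever name arrives inside the signature.
ALLOWED_HASHES = {"sha256", "sha384", "sha512"}


def digest(data: bytes, alg: str) -> int:
    """One-way hash of the data, returned as an integer smaller than N."""
    if alg not in ALLOWED_HASHES:
        raise ValueError(f"hash algorithm not allowed: {alg}")
    return int.from_bytes(hashlib.new(alg, data).digest(), "big")


def sign(data: bytes, alg: str = "sha256") -> dict:
    """Hash the data, then transform the hash with the private key.
    The result carries the hash algorithm name alongside the value."""
    return {"hash_alg": alg, "value": pow(digest(data, alg), D, N)}


def verify(data: bytes, signature: dict) -> bool:
    """Recover the signed hash with the public key and compare it with a
    fresh hash of the data actually received."""
    try:
        expected = digest(data, signature["hash_alg"])
        recovered = pow(signature["value"], E, N)
    except (KeyError, TypeError, ValueError):
        return False                   # malformed or disallowed signature
    return expected == recovered


if __name__ == "__main__":
    msg = b"Transfer 100 USD to account 12345"   # constructed sample message
    sig = sign(msg)
    print("genuine message verifies:", verify(msg, sig))
    print("altered message verifies:", verify(msg.replace(b"100", b"900"), sig))
```

Changing a single character of the message changes its hash, so the value recovered from the signature no longer matches and verification fails.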

