equal
deleted
inserted
replaced
1 /** |
|
2 @page Security_signatures Digital signatures |
|
3 |
|
4 A digital signature is used to verify that a message (or data) actually came from the sender (the one who signed the |
|
5 message) and that it has not been tampered with. |
|
6 |
|
7 A signature is formed by producing a fixed-length digest (@ref hash) of the message using a hash algorithm, which is then |
|
8 encrypted using the sender's private key. This signature and the message are then sent to the recipient. |
|
9 |
|
10 The receiver can then verify the signature as follows: a @ref hash is produced of the sender's message (using the hashing |
|
11 algorithm sent with the signature); also, using the sender's public key, their signature is decrypted into a @ref hash. |
|
12 These two hashes are compared: if they are the same, it is more or less certain that the public key used for the |
|
13 @ref decryption corresponds to the private key used to create the signature, thus data integrity is validated. |
|
14 |
|
15 |
|
16 */ |
|