- 1 year ago

○ Digital Signatures

§ Goal: verify Authenticity of a message.

§ Based on Asymmetric Cryptography.

§ Basic operations

1. Public / Private keys generation (using some algorithm like RSA)

2. Signing algorithm using the private key

3. Signature verification algorithm using the corresponding public key

i. Extending previous Example

• Steps (Order is very important, bold stuff is the difference added to authenticate sender)

Party 1 (Alice)

1. Generates a random AES Session Key (32 bytes / 256 bits)

2. Generates a random Initialization Vector (IV) (16 bytes / 128 bits)

3. Encrypt the message to be sent using the AES Session Key & IV

4. Calculate an HMAC of the encrypted message using the AES Session key

5. Encrypt the AES Session Key using the Public Key of Party 2 (Bob) The recipient.

6. Calculate Signature using the private signing key on the HMAC

7. Sends a packet of (Encrypted Message, Encrypted Session Key, Ini

## Comments