I don't understand something which is probably very trivial but still doesn't make sense to me: why do we need digital signatures if they can be decrypted with a public key? According to this article https://www.instantssl.com/https-tutorials/digital-signature.html Alice writes a message, then the message is hashed and encrypted using pk. The encrypted message is sent over, and Bob decrypts it using only the public key from Alice. Then the hashes are compared, etc. I understand everything apart from one step: if Bob can decrypt the message with only a public key, how does that prevent the message from being decrypted by anyone else? And, if this is not the point of a digital signature (encryption), why do we even bother encrypting the hash of the message? Couldn't Bob simply run the hash of the message received and compare it to what Alice has sent him as a hash?
4 Answers
Encryption and Digital Signatures serve two very different purposes. You're getting them confused.
We hash the message, encrypt the hash with our private key, then send the plaintext message and the encrypted hash to our recipient.
Our recipient uses our public key to decrypt the hash, hashes the plaintext message themselves, and compares the two hashes.
If the hashes match, the recipient can tell that the message actually did come from us (or, at least, someone with the private key).
A digital signature is similar to a signature on paper. Professionals can verify that the signature on the paper belongs to you by comparing your previous signatures.
In a digital signature, to verify your e-signature, a third party uses your publicly available key, the public key, to verify your signature, which can only be made with your private key.
Alice writes a message, then the message is hashed and encrypted using pk. The encrypted message is sent over, and Bob decrypts it using only the public key from Alice.
I think you are confused here.
If this is a message sent to Bob by Alice then Alice uses Bob's public key. Bob can decrypt this message by using his private key.
If Alice wants to sign a message, then Alice uses her private key to sign the message and sends it to Bob, who can verify the signature by using Alice's public key.
I understand everything apart from one step: if Bob can decrypt the message with only a public key, how does that prevent the message from being decrypted by anyone else? And, if this is not the point of a digital signature
- Bob verifies the signature by using Alice's public key. Everybody can verify. Signatures don't contain the message; they contain the hash of the message.
If the hashes match, the recipient can tell that the message actually did come from us (or, at least, someone with the private key)
This is not correct. A matching hash only confirms that the message is not altered, but without a signature B has no means to validate that the whole message is coming from A.
You can have an active attacker Eve, who could create a new fake message, generate hash, encrypt for Bob. Bob has no means to be sure who sent the message.
encrypting the hash of the message
Not really, the message is signed, not encrypted.
A uses her private key to apply a decryption operation on the message hash and sends it as a signature.
B uses A's public key to apply an encryption operation on the signature, and the result must match the hash. Now B can be sure the signature is coming from A.
Signing is mathematically the same operation as decryption, but in real use there are differences, mainly in padding.
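The difference between a plain hash and a signature that the answers above describe, as an added example that is not part of the original posts. It uses textbook RSA without padding on a constructed key built from publicly known Mersenne primes, so the key and all names (`sign`, `verify`, `hash_only_check`, `scenario`) are assumptions for illustration only.

```python
import hashlib

# Constructed toy key: both primes are publicly known Mersenne primes, so this
# key is for illustration only. Textbook RSA, no padding.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # Alice's public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # Alice's private exponent

# Eve's own constructed key pair (she never learns D).
EVE_P, EVE_Q = 2**127 - 1, 2**1279 - 1
EVE_N = EVE_P * EVE_Q
EVE_D = pow(E, -1, (EVE_P - 1) * (EVE_Q - 1))


def digest(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Private-key operation applied to the hash."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Public-key operation on the signature must give back the hash."""
    return pow(signature, e, n) == digest(message)


def hash_only_check(message: bytes, sent_hash: int) -> bool:
    """Bob's check when Alice sends only message + plain hash."""
    return digest(message) == sent_hash


def scenario() -> dict:
    original, forged = b"Pay Bob 10", b"Pay Eve 1000"
    alice_sig = sign(original)
    return {
        "genuine_verifies": verify(original, alice_sig),
        # Eve swaps the message and recomputes the unkeyed hash.
        "hash_only_accepts_forgery": hash_only_check(forged, digest(forged)),
        # Eve reuses Alice's signature on her own message.
        "reused_sig_verifies": verify(forged, alice_sig),
        # Eve signs with her own private key; Bob checks with Alice's public key.
        "eve_key_verifies": verify(forged, sign(forged, EVE_D, EVE_N)),
    }
```

Anyone holding `(N, E)` can run `verify`, which is why the signature gives no confidentiality; real systems use a vetted library with a padded scheme such as RSA-PSS rather than raw `pow`.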
In addition to the other answers:
You may think, "If the signature is just an attachment, can't I just remove it?" Yes, you can. But it is not signed anymore, so most of the time it's not a valid document anymore, but just an ordinary file. A signature is only to verify that this exact version of this file/document has been signed/created by this user. So everybody should be able to verify that.