| Describe how digital signature are obtained | 1. A digest of the message is created
2. This digest is encrypted with the sender’s private key
3. The encrypted digest is appended to the message. This is the signature as it can only have come from the sender
4. Whole thing is encrypted with receivers public key |
| Describe how digital certificates are obtained | Issues by an official certificate authroity (CA) |
| Why is a digital signature used | Make sure sent message has not been altered with in transit |
| What does a digital certificate do | Verifies ownership of a key pair used in asymmetric encryption |
| What do digital certificates contain | A serial number
The owner’s name
An expiry date
The owner’s public key
The certificate authority’s digital signature. |
| Describe the process of receiving a signatured message | Hint:
1. A digest of the message is created
2. This digest is encrypted with the sender’s private key
3. The encrypted digest is appended to the message
This is the signature as it can only have come from the sender
1. Decrypted with senders private key
2. Digital signature is decrypted with senders public key
3. Message digest is regenerated by applying the hash function to the plaintext message
4. Message digest from digital signature is compared with regenerated message digest
5. If they are the same then the message is secure and untampered with |
