數字簽名 那些密碼技術

A signature is usually used to bind signatory to the message. The digital signature is thus a technique that binds a person or the entity to the digital data. This binding ensures that the person sending the data is solely responsible for being for it and this binding can be verified by the receiver and the third party. This digital signature is also stored using hash functions so that no one’s signature can be stolen and be misused. The process of binding the data with the digital signature is as follows.

簽名通常用于將簽名者綁定到消息。 因此， 數字簽名是將個人或實體綁定到數字數據的技術。 此綁定確保發送數據的人對此負全責，并且此綁定可以由接收方和第三方驗證。 此數字簽名也使用哈希函數存儲，因此任何人的簽名都不會被盜用或濫用。 用數字簽名綁定數據的過程如下。

用數字簽名綁定數據的過程 (Process of binding the data with a digital Signature)

The user or the person who is sending the data is asked to enter some signature. This can be any unique text or his identity or something else. Hash Function is applied over this signature value and it is attached to the message being sent. The message is then transmitted to the other user with the hash value of the signature. The receiver then checks for the similarity between the signatory values. In this way, a digital signature is applied over the digital data.

用戶或發送數據的人被要求輸入一些簽名。 這可以是任何唯一的文本或他的身份或其他任何東西。 哈希函數應用于此簽名值，并且附加到正在發送的消息上。 然后將消息與簽名的哈希值一起發送給另一個用戶。 接收器然后檢查簽名值之間的相似性。 以這種方式，數字簽名被施加在數字數據上。

數字簽名的應用 (Applications of Digital Signature)

1. Message Authentication:

   消息認證 ：

   When the verifier validates the digital signature using the public key, he is assured that the signature has been created by the valid sender who is having the private key. In this way, the receiver is assured that the message is sent by the one whose signature is attached with the message and this implies the message authentication.

   當驗證者使用公鑰驗證數字簽名時，將向他保證簽名已由擁有私鑰的有效發送者創建。 以這種方式，確保接收者該消息是由其簽名附有該消息的那個人發送的，并且這意味著消息認證。

2. Data Integrity:

   數據完整性 ：

   In case the data has been modified in between the transmission, the signature verification algorithm fails at the receiver’s side. The hash code of the modified data and the output provided by the verification algorithm will no match, so the receiver can safely deny the message assuming that the data integrity has not been reached.

   如果在兩次傳輸之間修改了數據，則簽名驗證算法在接收方將失敗。 修改后的數據的哈希碼和驗證算法提供的輸出將不匹配，因此，如果尚未達到數據完整性，則接收方可以安全地拒絕該消息。

3. Non- Repudiation:

   不可否認 ：

   The sender cannot deny that he has not sent that data if the data has been attached to the digital signature of the sender. Since, the person who is attaching the signature with the data that is to be transmitted, is the only person who can create that unique signature for his data (unless his signature is stolen by someone else), the receiver can present the data along with the digital signature in case the sender denies that he has not sent that data. Therefore, the signature must be kept private and must not be shared with anyone.

   如果數據已附加到發送方的數字簽名，則發送方不能否認自己沒有發送該數據。 由于將簽名與要傳輸的數據附加在一起的人是唯一可以為其數據創建該唯一簽名的人(除非他的簽名被他人竊取了)，因此接收者可以將數據與如果發件人否認自己沒有發送該數據，則為數字簽名。 因此，簽名必須保密，不得與任何人共享。

   Example, whenever a mail is received, the email id of the sender is the signatory to the message, and as every email id is unique, in case if any message is sent using his email address, the sender cannot deny from the fact that he has not sent that mail.

   例如，每當收到一封郵件時，發件人的電子郵件ID就是該消息的簽名者，并且由于每個電子郵件ID都是唯一的，因此，如果使用他的電子郵件地址發送了任何郵件，則發件人不能否認他尚未發送該郵件。

翻譯自: https://www.includehelp.com/cryptography/digital-signatures.aspx

數字簽名 那些密碼技術