数字签名 那些密码技术

A signature is usually used to bind signatory to the message. The digital signature is thus a technique that binds a person or the entity to the digital data. This binding ensures that the person sending the data is solely responsible for being for it and this binding can be verified by the receiver and the third party. This digital signature is also stored using hash functions so that no one’s signature can be stolen and be misused. The process of binding the data with the digital signature is as follows.

签名通常用于将签名者绑定到消息。 因此， 数字签名是将个人或实体绑定到数字数据的技术。 此绑定确保发送数据的人对此负全责，并且此绑定可以由接收方和第三方验证。 此数字签名也使用哈希函数存储，因此任何人的签名都不会被盗用或滥用。 用数字签名绑定数据的过程如下。

用数字签名绑定数据的过程 (Process of binding the data with a digital Signature)

The user or the person who is sending the data is asked to enter some signature. This can be any unique text or his identity or something else. Hash Function is applied over this signature value and it is attached to the message being sent. The message is then transmitted to the other user with the hash value of the signature. The receiver then checks for the similarity between the signatory values. In this way, a digital signature is applied over the digital data.

用户或发送数据的人被要求输入一些签名。 这可以是任何唯一的文本或他的身份或其他任何东西。 哈希函数应用于此签名值，并且附加到正在发送的消息上。 然后将消息与签名的哈希值一起发送给另一个用户。 接收器然后检查签名值之间的相似性。 以这种方式，数字签名被施加在数字数据上。

数字签名的应用 (Applications of Digital Signature)

1. Message Authentication:

   消息认证 ：

   When the verifier validates the digital signature using the public key, he is assured that the signature has been created by the valid sender who is having the private key. In this way, the receiver is assured that the message is sent by the one whose signature is attached with the message and this implies the message authentication.

   当验证者使用公钥验证数字签名时，将向他保证签名已由拥有私钥的有效发送者创建。 以这种方式，确保接收者该消息是由其签名附有该消息的那个人发送的，并且这意味着消息认证。

2. Data Integrity:

   数据完整性 ：

   In case the data has been modified in between the transmission, the signature verification algorithm fails at the receiver’s side. The hash code of the modified data and the output provided by the verification algorithm will no match, so the receiver can safely deny the message assuming that the data integrity has not been reached.

   如果在两次传输之间修改了数据，则签名验证算法在接收方将失败。 修改后的数据的哈希码和验证算法提供的输出将不匹配，因此，如果尚未达到数据完整性，则接收方可以安全地拒绝该消息。

3. Non- Repudiation:

   不可否认 ：

   The sender cannot deny that he has not sent that data if the data has been attached to the digital signature of the sender. Since, the person who is attaching the signature with the data that is to be transmitted, is the only person who can create that unique signature for his data (unless his signature is stolen by someone else), the receiver can present the data along with the digital signature in case the sender denies that he has not sent that data. Therefore, the signature must be kept private and must not be shared with anyone.

   如果数据已附加到发送方的数字签名，则发送方不能否认自己没有发送该数据。 由于将签名与要传输的数据附加在一起的人是唯一可以为其数据创建该唯一签名的人(除非他的签名被他人窃取了)，因此接收者可以将数据与如果发件人否认自己没有发送该数据，则为数字签名。 因此，签名必须保密，不得与任何人共享。

   Example, whenever a mail is received, the email id of the sender is the signatory to the message, and as every email id is unique, in case if any message is sent using his email address, the sender cannot deny from the fact that he has not sent that mail.

   例如，每当收到一封邮件时，发件人的电子邮件ID就是该消息的签名者，并且由于每个电子邮件ID都是唯一的，因此，如果使用他的电子邮件地址发送了任何邮件，则发件人不能否认他尚未发送该邮件。

翻译自: https://www.includehelp.com/cryptography/digital-signatures.aspx

数字签名 那些密码技术