Cryptography 2: Digital Signatures

In the previous post, we saw how to achieve integrity and authentication of messages using a MAC.

In this post we will look at another way to achieve the same objectives: digital signatures.

Let's see what digital signatures are and how they differ from a MAC.

Digital signatures are analogous to your physical signatures. They provide the following three properties to the messages they are applied to:

  1. Authenticity : The message comes from whom it claims to come from
  2. Integrity : The message has not been changed in transit
  3. Non-Repudiation : The sender can’t later deny having sent the message

Digital signatures use asymmetric keys for the cryptographic functions.

As shown in the figure below, the procedure involves the following steps:

Sender Side:

  1. Compute the hash of the message
  2. Encrypt the hash using the private key (asymmetric cryptography)
  3. Append the digital signature to the message

Receiver Side:

  1. Recalculate the hash from the received message
  2. Decrypt the received digital signature to get the original hash calculated by the sender. The sender's public key is used for the decryption (asymmetric cryptography)
  3. Compare both hashes. If they are the same, the message is valid

Did you find the difference between MAC and Digital Signatures?

The biggest one lies in the type of keys used.

MAC uses symmetric keys whereas Digital Signatures use asymmetric keys for encrypting/decrypting the hash.

Food for thought – Why does MAC not provide Non-Repudiation whereas Digital Signatures do?
