Electronic signature for dummies: what it is and how not to choke on it. Part 2
16 March 2011, 11:20
Part 1

Continuing to reveal the secret knowledge of digital signatures in plain language, we explain what is needed to work with them conveniently and efficiently, as well as the main difference between the S/MIME + X.509 and PGP camps.



Before looking at the features of these two great camps, we should consider what information the recipient needs to verify the signature (by now our encrypted hash can rightly be called a signature), and in what form it can be delivered to him.

Each piece of this information can be sent together with the public key, or together with our signature, or both ways, for greater convenience. Of course, we could choose not to split the information into what is sent with the public key and what is sent with the signature. But then, every time we send signed information, we would be sending the same thing over again. It is as if to every paper letter we send (even a short one, two lines long) we attached an addendum of the form "Hello! It's me, B. Doe, whom you met at Red Square in Moscow, where we got acquainted, then went to a restaurant, then <...>". You will agree that this is somewhat inconvenient.

But back to the information needed to verify the signature.
Let's start with the simple part: information that lets the recipient know who made the signature. As we have already agreed, asymmetric encryption lets us unambiguously link our public key and the resulting signature. The trouble is that a public key by itself is just a set of bytes. It is, of course, associated with the private key that we (the sender) hold, but this connection is not obvious to the recipient. He has a set of bytes from B. Doe, one from Petrov, one from S. Sidorov... and from a dozen other people. How is he to tell them apart? Keep a separate registry of who each set of bytes belongs to? That would make a second registry (besides the one recording which hash function was used to compute each hash)! Again, inconvenient!

So we must bind each public key to information about whom the key belongs to, and send it all in one package. Then the registry problem solves itself: the recipient can simply look at the package (or, more correctly, the container) holding the public key and immediately understand whose it is.

But this information still has to be associated with the signature that reaches the recipient. How? We need to build another container, this time for transferring the signature, and duplicate in it the information about who created the signature.
Continuing our analogy with the beautiful lock, we write on the key "This key opens B. Doe's lock". And on the lock, too, we write "B. Doe's lock". With this information, the recipient of our box will not try each of the keys he has in our lock at random, but will take our key and open it at once.

Now, using the transmitted information, the recipient can find the right public key container, take out the key, decrypt the hash and...

And then what, exactly? After all, we still have not solved the problem of how to tell the recipient which hash function was used to compute the hash, and that information is needed to verify the signature! This is solved quite simply: put this information in the container along with our public key. After all, the combination "hashing, then encrypting the hash result" is the process of creating a digital signature, and its result is the signature. So it is quite logical to tie the hash encryption algorithm together with the hash function used to form the hash, and to deliver that information bundled together as well.



Now let us return briefly to the information about the signer. What should this information be? A name? No, there are many B. Does. Name + year of birth? There are plenty of B. Does born on the same day, too! Besides, it could be Basil, Victor, or even Vasilisa or Victoria Doe. So there must be more information. There should be enough of it that a coincidence in all the parameters by which we identify a person is highly unlikely.

Of course, such a packet of information can be assembled. But working with it is already difficult. After all, our public key containers have to be sorted, stored and, in the end, used. And if every use requires specifying some fifty parameters, then by the second container it becomes clear that something must change. A solution to this problem was, of course, found.

To understand what it is, let's turn to a paper document that we all have: a passport. In it you can find the name, date of birth, sex and a lot of other information. But, more importantly, you can find the series and number. It is precisely the series and number that are the unique information that is convenient to record and sort by. In addition, they are much shorter than all the rest of the information put together, while still identifying the person.

Applying the same approach to public key containers, we find that each container must have a certain sequence of characters that is unique to it. This sequence of characters is called the ID, and the containers themselves are called certificates, or simply keys.
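The two containers described so far, sketched as an added example that is not part of the original article: a public key container (owner, hash function, key, short ID) and a signature container that refers to it by ID. It uses toy textbook RSA over fixed primes purely to mirror the "encrypted hash" model; the function names, dictionary fields and the way the ID is derived (a truncated SHA-256) are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA over fixed Mersenne primes, no padding: illustration only.
E = 65537

def make_keypair(p, q):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest_int(hash_name, data, n):
    return int.from_bytes(hashlib.new(hash_name, data).digest(), "big") % n

def key_container(owner, public_key, hash_name):
    """Public key + owner + hash function, plus a short id derived from them."""
    body = f"{owner}|{hash_name}|{public_key}".encode()
    return {"id": hashlib.sha256(body).hexdigest()[:16], "owner": owner,
            "hash": hash_name, "public_key": public_key}

def sign(data, private_key, container):
    """Signature container: the 'encrypted hash' plus the signer's key id."""
    n, d = private_key
    return {"signer_id": container["id"],
            "signature": pow(digest_int(container["hash"], data, n), d, n)}

def verify(data, sig, keyring):
    """Return the owner's name if the signature checks out, else None."""
    cert = keyring.get(sig["signer_id"])      # pick the key by id, not by trial
    if cert is None:
        return None                           # no container with this id
    n, e = cert["public_key"]
    expected = digest_int(cert["hash"], data, n)  # hash named in the container
    return cert["owner"] if pow(sig["signature"], e, n) == expected else None

# Constructed sample data: two senders known to the recipient.
doe_pub, doe_priv = make_keypair(2**107 - 1, 2**127 - 1)
sid_pub, _ = make_keypair(2**89 - 1, 2**127 - 1)
doe_cert = key_container("B. Doe", doe_pub, "sha256")
sid_cert = key_container("S. Sidorov", sid_pub, "sha1")
keyring = {c["id"]: c for c in (doe_cert, sid_cert)}

message = b"Meet me at Red Square"
signature = sign(message, doe_priv, doe_cert)

if __name__ == "__main__":
    print(verify(message, signature, keyring))                # B. Doe
    print(verify(b"Meet me elsewhere", signature, keyring))   # None
```

The recipient never tries keys at random: the ID in the signature container selects one key container, and that container names both the owner and the hash function to use.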
This is where the fundamental differences in ideology between OpenPGP and S/MIME + X.509 begin. To understand them briefly, let us return to our passport analogy.

You can use your passport when buying tickets, when filling out paperwork, when being issued a pass to some territory, or even in other countries! That is, you use it to identify yourself in the most diverse places, often completely unrelated to each other, to many different people. And everywhere your passport is accepted. The guarantee that you are you is provided by a third party to your dealings with others: the state. It is the state that issues your passport, specially designed, signed and certified, and that is why your passport is such a universal document.

On the other hand, among friends or within a company you can introduce yourself simply: "B. Doe from your group at the institute" or "B. Doe from sales". The people you deal with in this circle no longer need a third party: they already remember the Doe from the group they studied with for five years, or the Doe from the sales department they recently went to dinner with, and the information you give them is enough.

The two camps can be divided in the same way.

An X.509 certificate is the analogue of our passport. Here certificates are issued to you by a strict third party, the guarantor of your identity: a Certification Authority (CA). A person who receives your signature can always contact the CA and ask for the information of interest about this particular certificate.

PGP (and the OpenPGP standard that appeared later) was built on the basis of the so-called web of trust. This idea assumes that signatures are exchanged by people who do not need a third party to their relationship and need only protection from ill-wishers.

Of course, over time this division has become rather arbitrary, since today both S/MIME + X.509 and PGP can use the methods of the rival camp. Still, the standards developed in parallel for quite a long time and evolved to the point where mutual compatibility between them became impossible.

The more popular standard, owing to its reliance on a competent third party, became S/MIME + X.509; however, PGP also has a number of trump cards up its sleeve, thanks to which it has not only not died but continues to thrive.
A more detailed discussion of each of the formats, as well as recommendations on when, where and which one to use, can be found in the following articles.

Part 3
Added by: w1zard