
Encryption in emails: Digital Signatures

If you're looking for parts 1 or 2, you can find them here and here. If you came to the right place, let's move on and talk about...


Does encryption stop here?


You probably guessed it, since there's a post now. But I'll say it anyway - no, it doesn't. While you might blow the trumpets and hit the sack for now, you'll eventually come back to ask:

  1. How does Alice know the mail's from Bob (realBob@xyzmail.com) and not from jealous Eve (trustmeIamBob@xyzmail.com)?

  2. How does Alice know that Bob's message wasn't altered? Her public key is public, remember? Eve can't read Bob's message, but can't she replace it with another of her own?

  3. How do Bob and Alice know each other's public keys?


The answers to 1 & 2 lie in a concept called the digital signature. Not to be confused with pompous signature lines on emails.


Digital signatures use the concept of PKC again, but in the reverse order to the previous section. The idea's simple, just remember:

  • Anything encrypted with Bob's private key can be decrypted by Bob's public key only.

  • So any message that can be decrypted with Bob's public key must've been encrypted by Bob's private key.

  • Assuming only Bob has access to his private key, the message must have come from Bob.

So we simply re-encrypt the encrypted message (6ekd890optak1 above) with Bob's private key. Alice uses Bob's public key to confirm it's from Bob and everyone lives happily ever after!


(Source: https://en.wikipedia.org/wiki/Digital_signature)


As promised, what I've explained is in fact an oversimplified picture. The concept is the same, but modern-day digital signatures work a bit differently. They convert the message into a hash, which can be compared later to ensure the message hasn't been altered. I'm going to skip that part because

Great, now we know how it all works! If all you wanted was to know how encryption works in principle, you should stop here. If you want to know what happens in reality, read on.
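The hash-then-sign idea mentioned above, as an added example (not code from the original post): Bob signs the SHA-256 hash of his message with his private key and Alice checks it with his public key, which covers questions 1 and 2. It uses textbook RSA with small constructed primes and no padding, for illustration only; the function names, keys and sample messages are assumptions.

```python
import hashlib

E = 65537  # widely used RSA public exponent

def make_keypair(p, q):
    """Build a textbook RSA key pair (public, private) from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(message, n):
    """SHA-256 of the message as an integer, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private_key):
    """'Encrypt' the hash with the private key: this is the signature."""
    n, d = private_key
    return pow(digest(message, n), d, n)

def verify(message, signature, public_key):
    """Recover the hash with the public key and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == digest(message, n)

# Constructed toy keys from known Mersenne primes. Far too small for real use,
# and real signatures add padding (e.g. RSA-PSS) via a vetted library.
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**127 - 1, 2**89 - 1)
EVE_PUBLIC, EVE_PRIVATE = make_keypair(2**107 - 1, 2**61 - 1)

def demo():
    original = b"Lunch at noon? - Bob"        # constructed sample message
    tampered = b"Lunch at midnight? - Bob"    # Eve's replacement
    signature = sign(original, BOB_PRIVATE)
    return {
        # Bob's message with Bob's signature checks out.
        "genuine": verify(original, signature, BOB_PUBLIC),
        # Eve swaps the message but keeps Bob's signature: hash mismatch.
        "altered": verify(tampered, signature, BOB_PUBLIC),
        # Eve signs with her own key: fails against Bob's public key.
        "forged": verify(tampered, sign(tampered, EVE_PRIVATE), BOB_PUBLIC),
    }

if __name__ == "__main__":
    print(demo())
```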


Next, we move on to tying up some loose ends in the next post, starting with...


What's the deal with TLS?
