next up previous
Next: 3.3.9 What about non-repudiatability Up: 3.3 Data Security: Cryptography Previous: 3.3.7 Is the certificate

3.3.8 What about non-repudiatability of origin?

Using my private key and the message I am sending, I have my computer make a particular calculation that results in a piece of information called a ``digital signature''. Since it involves my private key, the signature can only have come from me. And since the calculation uses the message I'm sending, the signature is only for this message. I then have my computer attach the digital signature to the message, and I send to you.

When you receive the message, your computer does a calculation that uses the message, the digital signature and my public key. Since my public and private keys are related, the calculation can verify 1) that my private key was used to create the signature and 2) that the message you received was used to create the signature.

Denis Arnaud