Difference between revisions of "Digital Signature"
(Created page with "A digital signature is the result of a mathematical computation. It is similar to a hash value such as MD5, but there is one important difference: A digital signature relies o...") |
m |
||
(10 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
+ | [[Category:Knowledge Base]] |
||
− | A digital signature is the result of a mathematical computation. It is similar to a hash value such as MD5, but there is one important difference: |
||
− | A digital signature |
+ | A digital signature is the result of a mathematical computation. It is similar to a hash value such as [[MD5]], but there is one important difference: |
+ | a digital signature relies on a private/public key scheme. Thus one key (typically the private key) is used to generate the signature, and |
||
− | the other one is used to verify it, whereas a hash is a simple mathematical function result, where the same function is used for both generation |
||
+ | the other one is used to verify it, unlike a hash which is a simple mathematical function result, where the same function is used for both generation |
||
− | as well as verification. |
||
+ | and verification. |
||
− | This is a very important difference. A digital signature verification scheme, so algorithm and public key, can be open, well known. |
||
− | This still does not allow a potential attacker to create a signature for a modified document. |
||
+ | This is a very important difference. With a digital signature verification scheme, both the algorithm and public key can be known and open but this still does not allow a potential attacker to create a signature for a modified document. |
||
− | Applications |
||
− | There are various applications for digital signatures in Embedded Systems and other places. One simple example is Signature of a document: |
||
− | Alice can make her public key known to the world, and anybody can now verify that a document that claims to be signed by Alice actually is. |
||
− | The only thing they have to assure is that they have the proper public key (used for verification). |
||
− | SEGGER supplies a free tool based on emSecure for exactly this purpose: [Sign&Verify,https://www.segger.com/products/security-iot/emsecure/tools/signverify/]. |
||
+ | ==Applications== |
||
+ | There are various applications for digital signatures in Embedded Systems and other places. One simple example is the Signature of a document. |
||
+ | Alice can make her public key known to the world, and anybody can now verify that a document claiming to be signed by Alice actually was. |
||
+ | The only thing they have to ensure is that they have the proper public key (used for verification). |
||
+ | SEGGER supplies a free tool based on emSecure for exactly this purpose: [https://www.segger.com/products/security-iot/emsecure/tools/signverify/ Sign&Verify]. |
||
+ | |||
+ | ==In Embedded Systems== |
||
In Embedded Systems, Digital Signatures can be used for various purposes, such as |
In Embedded Systems, Digital Signatures can be used for various purposes, such as |
||
*Firmware updates - Authenticate the source of the firmware update |
*Firmware updates - Authenticate the source of the firmware update |
||
− | *Copy (clone) protection - Using the unique ID of a chip in the system, every device |
+ | *Copy (clone) protection - Using the unique ID of a chip in the system, every device will store a signature based on this unique ID. When copied (cloned), if the signature does not match, the firmware will refuse to function. |
− | Algorithms used |
+ | ==Algorithms used== |
− | *RSA |
+ | *[[RSA]] |
*Elliptic curves |
*Elliptic curves |
||
− | Software libraries |
+ | ==Software libraries== |
− | One software library that allows generation of keys as well as signature and verification of signatures in any system including Embedded Systems is SEGGER's |
+ | One software library that allows generation of keys as well as signature and verification of signatures in any system including Embedded Systems is SEGGER's [https://www.segger.com/products/security-iot/emsecure/ emSecure] |
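Review bot: the new clone-protection bullet (the added line beginning "Copy (clone) protection") says every device "will store a signature based on this unique ID" but does not say who creates that signature or which key the firmware holds. Suggest stating that the signature is generated off-device with the private key and that the firmware carries only the public key, which is what the private/public split in the rewritten introduction implies. Minor: the added final sentence ending in the emSecure link has no closing period.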
Latest revision as of 17:26, 28 May 2019
A digital signature is the result of a mathematical computation. It is similar to a hash value such as MD5, but there is one important difference: a digital signature relies on a private/public key scheme. Thus one key (typically the private key) is used to generate the signature, and the other one is used to verify it, unlike a hash, which is a simple mathematical function result where the same function is used for both generation and verification.
This is a very important difference. With a digital signature verification scheme, both the algorithm and the public key can be known and open, but this still does not allow a potential attacker to create a signature for a modified document.
Applications
There are various applications for digital signatures in Embedded Systems and other places. One simple example is the signature of a document. Alice can make her public key known to the world, and anybody can now verify that a document claiming to be signed by Alice actually was. The only thing they have to ensure is that they have the proper public key (used for verification). SEGGER supplies a free tool based on emSecure for exactly this purpose: Sign&Verify.
In Embedded Systems
In Embedded Systems, Digital Signatures can be used for various purposes, such as:
- Firmware updates - Authenticate the source of the firmware update
- Copy (clone) protection - Using the unique ID of a chip in the system, every device will store a signature based on this unique ID. When copied (cloned), if the signature does not match, the firmware will refuse to function.
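The clone-protection check described above, contrasted with a plain hash, as an added example (not SEGGER's or emSecure's code). It uses textbook RSA over a SHA-256 digest with a constructed demo key made of two Mersenne primes; the UIDs and function names are assumptions, and a product would use a padded scheme from a vetted library.

```python
import hashlib

# Constructed demo key: both primes are well-known Mersenne primes, so the
# "private" key is not secret. For demonstration only.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus, shipped in the firmware
E = 65537                            # public exponent, shipped in the firmware
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, stays at the factory


def digest(uid: bytes) -> int:
    """SHA-256 of the chip's unique ID as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(uid).digest(), "big")


def factory_sign(uid: bytes) -> int:
    """Production step: sign the UID with the private key (no padding here)."""
    return pow(digest(uid), D, N)


def firmware_check(uid: bytes, stored_sig: int) -> bool:
    """Boot-time step: needs only the public values N and E."""
    return pow(stored_sig, E, N) == digest(uid)


def public_hash(uid: bytes) -> bytes:
    """Contrast case: a hash has no secret, so anyone can compute it."""
    return hashlib.sha256(uid).digest()


def hash_check(uid: bytes, stored_tag: bytes) -> bool:
    return public_hash(uid) == stored_tag


GENUINE_UID = bytes.fromhex("0011223344556677")   # constructed sample UIDs
CLONE_UID = bytes.fromhex("8899aabbccddeeff")

if __name__ == "__main__":
    sig = factory_sign(GENUINE_UID)
    print("genuine device boots:", firmware_check(GENUINE_UID, sig))
    # A clone copies the flash, including sig, but its chip has another UID.
    print("cloned device boots: ", firmware_check(CLONE_UID, sig))
    # With a hash instead, the cloner just recomputes the tag for the new UID.
    print("hash tag recomputed: ", hash_check(CLONE_UID, public_hash(CLONE_UID)))
```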
Algorithms used
- RSA
- Elliptic curves
Software libraries
One software library that allows generation of keys as well as signing and verification of signatures in any system, including Embedded Systems, is SEGGER's emSecure.