# jemdoc: addcss{rbh.css}, addcss{jacob.css} = ch7: pretty good privacy ~~~ {}{raw} digsig   ~~~ ~~~ {pretty good privacy} - information age: who encrypts ? -- government military business crime -- citizens ? - Phil Zimmermann -- 1970s Florida Atlantic University -- 1977 RSA: government military business (costly) -- until then, large scale gov\'t privacy invasion prohibitive -- 1980s developed pgp -- 1991 asks friend to post pgp on internet -- 1993 US govt visits Phil ~~~ ~~~ {pgp features} - msg: symmetric secret-key cryptosystem - secret key: asymmetric public-key cryptosystem - signature: asymmetric public-key cryptosystem - automated pkc key generation, session key ~~~ ~~~ {spoofing} - e.g. Eve uses Alice's RSA public key, sends Alice this message: ~ Hi Alice, this is Bob. I would like to purchase an expensive gift for Eve. Please send the gift directly to Eve, and charge my account. Thank you. Bob. ~~~ ~~~ {}{raw}

Diffie Helmann digital signature

~~~ ~~~ - one-way function: given f( ), finding {{f-1( )}} hard - e.g. Alice's RSA public encryption function {{f(m) = me (mod n)}} - {{f-1( )}} is Alice's RSA secret decryption function - recall {{f-1(x) = xd (mod n)}}, where {{d*e = 1 (mod phi(n)), where phi(n) = (p-1)(q-1)}} - f( ) is a one-way function, but so is {{g = f-1( )}} - Alice sends *signed* message m to Bob: -- uses public hash function h( ) -- computes j = h(m) -- computes c = g(j) -- sends m,j,c to Bob - Bob verifies Alice's signature: -- confirms j = h(m) -- confirms {{j = g-1(c) = f(c)}} - security ? -- determining g( ) from {{g( )}} infeasible for Eve -- only Alice could have created signature ~~~