Some doubts about signature procedure

Kenneth Jones kententen at me.com
Mon Sep 9 15:27:13 CEST 2013


Hi Francesco,

Let me review something about signing and what happens when you do it.

Signing a signed email with PGP (or GPG, GnuPG or whatever) means that
the message text is inspected by the PGP program and a small additional
data file is produced that has a specific relationship to the message.
Both your message and this extra file are sent to the other guy.

The inspection and manipulation is called hashing. A hash (that's what
the small data file is called) is related to the original message
in such a way that if even one small part of the original message is
changed, the hash will almost always be completely different than it was
originally. So the first thing that happens is that your message text is
hashed and the hash is produced. Now, at the other end of the line, your
recipient's PGP program will also hash your message and will compare the
hash you sent with the hash it just produced. If the two hashes are
identical, it's a proof that the message hasn't changed (or been
changed) since it was hashed. Identical hash results mean identical
messages. But...

But anybody can hash a message. Even the bad guy in the middle, between
you and your recipient. You send a letter and its hash, bad guy
intercepts it, changes the message, rehashes it, sends it along to your
recipient. Your recipient hashes and compares, finds the two hashes
match and thinks it's okay. But he's comparing his to the bad guy's, not
comparing your hash to his...and he doesn't know any better...so this
can't be secure from what's called a man-in-the-middle attack. How to fix?

Your PGP program not only makes the hash, but it encrypts your hash with
your private key before sending it along with your message. Note that
the message is not encrypted, it's still clear text. Only the hash is
encrypted. The recipient will use PGP and your public key to decrypt the
hash before comparing it to the hash it just made. Now then, if the two
hashes match we know two things: one, the message is exactly as it was
written by the user of the private key, and two, the user of the private
key is the one who wrote it. If you have maintained possession of your
private key, no one else could have produced the message this way. So,
keeping your private key in a safe place and protecting it with a good
passphrase is important.

That's how we can tell that what we receive is precisely what you (and
only you) have sent.

I hope that helps, but sometimes I make things more complex than they
really need to be for good understanding. Please write again with your
questions.

Cheers,

Ken Jones
0xE2557AA7


On 2013-09-09 16:42, Francesco C. wrote:
> Hi, here I come back to ask you some clarification about the signature
> procedure.
> The purpose of the signature procedure is making sure nobody can modify
> the file you're trying to send.
>
> Many times they use also the check of Md5sum or SHA512Sum, but anyway my
> question is:
>
> if any spiteful person succeeds in tapping a file transmission of mine, he
> surely succeeds in signing the modified file. So how can my addressee
> realize that?
>
> In other words, if this spiteful person succeeds in replacing a modified
> file in a server he also succeeds in replacing the signature file,
> doesn't he?
>
> In this case I can't understand the benefit of signing procedure.
> I'm sorry if my exposure was not as good as an English professor :p but I
> promise next time it will be better and better.
>
> Thank you for your patience.
>
> --
> Francesco
>
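
The difference between a bare checksum and a signed hash described in the reply above, as an added example that is not part of the original mail. It uses toy textbook RSA from the Python standard library rather than GnuPG; the key values, sample messages and function names are all assumptions made for illustration.

```python
import hashlib

# Toy textbook-RSA keys built from known Mersenne primes: trivially factorable
# and unpadded, for illustration only. Real OpenPGP signatures differ in
# detail. All names here are assumptions of this example.
E = 65537


def make_key(p: int, q: int):
    """Return (public modulus n, private exponent d) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


SENDER_N, SENDER_D = make_key(2**521 - 1, 2**607 - 1)
ATTACKER_N, ATTACKER_D = make_key(2**1279 - 1, 2**2203 - 1)


def digest(message: bytes) -> int:
    """Anyone can compute this, including someone in the middle."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, n: int, d: int) -> int:
    """'Encrypt the hash with the private key', as the mail describes it."""
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, n: int) -> bool:
    """Recover the signed hash with the public key, compare with a fresh hash."""
    return pow(signature, E, n) == digest(message)


def demo() -> dict:
    original = b"Pay Alice 10 EUR"        # constructed sample messages
    tampered = b"Pay Mallory 9999 EUR"
    signature = sign(original, SENDER_N, SENDER_D)
    replaced_hash = digest(tampered)      # interceptor recomputes the checksum
    forged = sign(tampered, ATTACKER_N, ATTACKER_D)  # signed with another key
    # The recipient always verifies against the sender's public key (SENDER_N).
    return {
        "checksum_accepts_tampered": digest(tampered) == replaced_hash,
        "signature_accepts_original": verify(original, signature, SENDER_N),
        "old_signature_accepts_tampered": verify(tampered, signature, SENDER_N),
        "other_key_accepts_tampered": verify(tampered, forged, SENDER_N),
    }


if __name__ == "__main__":
    print(demo())
```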




