A simple case study: Dr. Watson patiently waited until Sherlock Holmes finished.

Question

A simple case study:
Dr. Watson patiently waited until Sherlock Holmes finished. “Some interesting problem to solve,
Holmes?” he asked when Holmes finally logged out.
“Oh, not exactly. I merely checked my e-mail and then made a couple of network
experiments instead of my usual chemical ones. I have only one client now and
I have already solved his problem. If I remember correctly, you once mentioned cryptology
among your other hobbies, so it may interest you.”
“Well, I am only an amateur cryptologist, Holmes. But of course I am interested in the
problem. What is it about?”
“My client is Mr. Hosgrave, director of a small but progressive bank. The bank is fully
computerized and of course uses network communications extensively. The bank already uses RSA
to protect its data and to digitally sign documents that are communicated. Now the bank wants to
introduce some changes in its procedures; in particular, it needs to digitally sign some documents by
two signatories.
1. The first signatory prepares the document, forms its signature, and passes the document
to the second signatory.
2. The second signatory as a first step must verify that the document was really signed by
the first signatory. She then incorporates her signature into the document’s signature so
that the recipient, as well as any member of the public, may verify that the document was
indeed signed by both signatories. In addition, only the second signatory has to be able to
verify the document’s signature after the first step; that is, the recipient (or any member of
the public) should be able to verify only the complete document with signatures of both
signatories, but not the document in its intermediate form where only one signatory has
signed it. Moreover, the bank would like to make use of its existing modules that support
RSA-style digital signatures.”
“Hmm, I understand how RSA can be used to digitally sign documents by one signatory,
Holmes. I guess you have solved the problem of Mr. Hosgrave by appropriate generalization of RSA
digital signatures.”
“Exactly, Watson,” nodded Sherlock Holmes. “Originally, the RSA digital signature
was formed by encrypting the document by the signatory’s private decryption key ‘d’, and the
signature could be verified by anyone through its decryption using publicly known encryption key ‘e’.
One can verify that the signature ‘S’ was formed by the person who knows ‘d’, which is supposed to
be the only signatory. Now the problem of Mr. Hosgrave can be solved in the same way by slight
generalization of the process, that is …” [1]
Finish the explanation.

Explanation / Answer

ANS:

First signatory will first sign the document using the private key of digital signature and will send the document to second signatory. Now second signatory has the responsibility to validate the signature of first signatory. This she can do by decrypting the first signatory's signature with his public key. After decrypting, she will know that document was indeed signed by first signatory. After this, she will use her private key to not only sign the document but also the signature of first signatory. The receipient of the document will have the public key of second signatory that he will use to access the document and validate the signatures of both the signatories. The last signature being validated will guarantee the integrity, authentication and non-repudiation of first signature, however it will be required to check the sequence of signatures.

------------------------------------------

IF YOU WANT ANY EXTRA INFORMATION OR ANY DOUBT ABOUT MY ANSWER FEEL FREE TO ASK

THANK YOU

RATE THUMBSUP PLZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.