Question

Good Morning all,

I hope someone who understands the subject is able to present it eloquently to me, as I am struggling.

I have downloaded a certificate for a user in an Exchange 2010 environment from Comodo for Digital Signing. What I would like help with is a few questions:

I understand the process to create a hash (some sort of public formula) from the message. Then the certificate will encrypt the hash? And not the message? Is the message potentially visible as it flows through the web?

How does the receiver know how to decrypt the digital signature if they do not have my private key? How does the exchange or private keys work?

So to recap:

Does encryption only happen on the hash portion of the message? i.e. the actual message is clear text? And how does the receiver decrypt the hash without my private key?

Many Thanks

Daniel


Solution

When you import a certificate into Outlook (or any email client) it allows Outlook to sign your messages digitally, allowing the recipient to verify that the message came from you, and that it has not been tampered with. The message is not encrypted at this stage.

Included with the digital signature is your public key. When someone with their own certificate receives your message they can verify the authenticity of your message and extract your public key. When they reply using their own digital signature you can verify that their message is authentic and extract their public key.

Now, both parties are in possession of the other's public key. The key feature of Public Key Cryptography is that messages encrypted with a public key can only be decrypted by using the private key. When you send a new message to your contact it is encrypted using their public key. They can decrypt it using their private key, which only they know. Similarly, further messages from them to you will be encrypted using your public key and only your private key will decrypt them.
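The two operations discussed in this thread, signing with the sender's private key and encrypting to the recipient's public key, are shown below as an added example that is not part of the original answer. It uses Node's built-in `crypto` module with freshly generated RSA keys standing in for the certificates; the names and sample messages are constructed, and real S/MIME wraps this in a CMS structure and encrypts a symmetric content key rather than the message directly.

```javascript
// Added example (not from the original answer); keys and messages are constructed.
const nodeCrypto = require('node:crypto');

// Stand-in for a certificate's key pair (assumption: plain RSA-2048, no X.509).
function newKeyPair() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: SHA-256 hash of the message is signed with the sender's PRIVATE key.
// The message itself is returned unchanged, so it stays readable in transit.
function signMessage(message, senderPrivateKey) {
  const signature = nodeCrypto.sign('sha256', Buffer.from(message), senderPrivateKey);
  return { message, signature };
}

// Recipient: recomputes the hash and checks it against the signature using the
// sender's PUBLIC key. No private key is needed to verify.
function verifyMessage(signed, senderPublicKey) {
  return nodeCrypto.verify('sha256', Buffer.from(signed.message),
                           senderPublicKey, signed.signature);
}

// Confidentiality is a separate step: encrypt to the RECIPIENT's public key...
function encryptFor(message, recipientPublicKey) {
  return nodeCrypto.publicEncrypt(recipientPublicKey, Buffer.from(message));
}

// ...and only the recipient's private key recovers the plaintext.
function decryptWith(ciphertext, recipientPrivateKey) {
  return nodeCrypto.privateDecrypt(recipientPrivateKey, ciphertext).toString();
}

function demo() {
  const daniel = newKeyPair();   // sender in the question
  const contact = newKeyPair();  // hypothetical correspondent
  const signed = signMessage('Quarterly report attached.', daniel.privateKey);
  const tampered = { ...signed, message: 'Quarterly report attached. Pay invoice 42.' };
  const sealed = encryptFor('Reply for Daniel only', daniel.publicKey);
  return {
    readableInTransit: signed.message === 'Quarterly report attached.',
    validSignature: verifyMessage(signed, daniel.publicKey),
    tamperedAccepted: verifyMessage(tampered, daniel.publicKey),
    wrongSignerAccepted: verifyMessage(signed, contact.publicKey),
    decrypted: decryptWith(sealed, daniel.privateKey),
  };
}
```
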

Licensed under: CC-BY-SA with attribution