I’ve read so much about digital signatures but still didn’t truly understand what they were. I managed to get a one on one with an engineer cryptographer called Weiwu and it was amazing.
It goes something like this:
- Start of with a message. eg “I own this piece of land at 21 To The Moon Avenue”
- Hash the message. Let’s call this e.
- Generate a set of keys. ie a public and private key. Let’s call the private key d
- Generate a random number k.
- Sign the message with the function sign(e, d, k).
That is pretty much it. To get hands on, try these commands:
In OpenSSL – create private/public keys, sign and verify:
openssl ecparam -name secp256k1 -genkey -out private.pem
openssl ec -in private.pem -pubout -out public.pem
echo|set /p=”ABCDEFGHIJKLMNOPQRSTUVWXYZ012345″ > message.dat
openssl dgst -ecdsa-with-SHA1 -sign private.pem -out signature.dat message.dat
openssl dgst -ecdsa-with-SHA1 -verify public.pem -signature signature.dat message.dat