Anonymity
Privacy
Security
vanish.org
PGP
Download PGP
PGP Installation
Encrypting Mail
Decrypting Mail
Change Passphrase
Hash Function
Subkeys

PGP - Pretty Good Privacy - Hash functions
Using PGP to sign your unencrypted emails



Digital signatures

Sometimes you won't want to use encryption when communicating.

A major benefit of public key cryptography is that it provides a method for employing digital signatures. Digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also verify that the information is intact. Thus, public key digital signatures provide authentication and data integrity.

A digital signature also provides non-repudiation, which means that it prevents the sender from claiming that he or she did not actually send the information. These features are every bit as fundamental to cryptography as privacy, if not more.

A digital signature serves the same purpose as a handwritten signature. However, a handwritten signature is easy to counterfeit. A digital signature is superior to a handwritten signature in that it is nearly impossible to counterfeit, plus it attests to the contents of the information as well as to the identity of the signer.

A digital signature serves the same purpose as a seal on a document, or a handwritten signature. However, because of the way it is created, it is superior to a seal or signature in an important way. A digital signature not only attests to the identity of the signer, but it also shows that the contents of the information signed has not been modified.

A one-way hash function takes variable-length input — in this case, an email message of any length — and produces a fixed-length output. The hash function ensures that, if the information is changed in any way — even just one alteration — an entirely different output value is produced.

As long as a secure hash function is used, there is no way to take someone's signature from one document and attach it to another, or to alter a signed message in any way. The slightest change in a signed document will cause the digital signature verification process to fail.



After you have finished writing your email, right click on the PGPtray icon, then in the pop up menu choose Current Window/Sign.



The message is fed into a routine called a HASH Function (a function that converts one string of characters into a fixed length string).



You will be prompted to enter your Passphrase.



Go ahead and type your Passphrase and hit OK.



CLICK HERE to continue.

Vanish.Org Copyright © 2006 All rights reserved