Basic HTML version of Foils prepared April 7 1998

Foil 93 Java Digital Signatures-2

From Basic Principles of Java and Internet Security CPS616 Web Technologies -- Spring 98. by Geoffrey C. Fox


1 Assume Joe wants to send an applet to a group. First the group gets Joe's public key, then Joe use his private key to sign, encrypt, the applet and publish it. The group members get the signed applet and uses Joe's public key to open it. Since only Joe knows to encrypt the applet, they will be sure about the source.
2 Code authors can use standard cryptographic algorithms to embed a "certificate" into a Java class. Then, the users can precisely understand who implemented the code and signed. If somebody alters the code, the interloper would not be able to sign it with the original signature.
3 Once the signature is verified, one will be sure about the originality of the code. However, trusting to the original code is another security issue. Users may decide to use or not to use the code depending on their trust in the signer.

in Table To:


© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Mon Apr 6 1998