Lecture Notes: Foundations of Cryptography - Non-repudiation, Proof of Integrity, and Proof of Origin

Introduction to Non-repudiation in Cryptography

• Non-repudiation: Ensures a third party can verify the origin of data.
• Analogous to contracts: A signature on a contract verifies the signer.

Key Concepts

Proof of Integrity

• Definition: Verifying that data received is exactly the data that was sent.
• Hashing:
  • A method to ensure data integrity.
  • Creates a "message digest" or "fingerprint" of data.
  • Even a minor change in data gives a different hash.
  • Example: Project Gutenberg's Encyclopedia volume hashing.

Proof of Origin

• Definition: Verifying the identity of the data sender.
• Digital Signature:
  • Provides non-repudiation.
  • Uses a private key known only to the sender.
  • Verification is done with the corresponding public key.

Practical Example: Alice and Bob

• Scenario: Alice sends a message "You're hired, Bob".
• Process:
  1. Alice creates a hash of the message.
  2. Encrypts the hash with her private key to create a digital signature.
  3. Sends message and digital signature to Bob.
  4. Bob receives the message and signature.
  5. Uses Alice’s public key to decrypt the hash.
  6. Verifies by hashing the received message and comparing to decrypted hash.
• Outcome: Confirms the message’s integrity and sender's identity.

Conclusion

• The digital signature process is often automated or simplified (e.g., clicking "add digital signature").
• Understanding the process enhances comprehension of digital data integrity and authenticity.
• Critical for ensuring secure and verifiable electronic transactions.