Security and Cryptography in Python - Hash Functions(2)

Security and Cryptography in Python - Hash Functions(2)

Digital Signatures works - uses hash functions

https://en.wikipedia.org/wiki/RSA_(cryptosystem)#Signing_messages

Generate the public key and secret key:

Code in Python；

import hashlib

# These are Alice's RSA keys
# Public key (e, n): 3 279379
# Secret key(d) 46387
n = 279379
e = 3
d = 46387

# This is the message that Alice wants to sign and send to Bob
message = "Bob you are awesome".encode()

# Step 1: hash the message
sha256 = hashlib.sha256()
sha256.update(message)
h = sha256.digest()
h = int.from_bytes(h, "big") % n
print("Hash value", h)
# Step 2:decrypt the hash value(use secret exponent)
sign = h**d % n
# Step 3: send message with signature to Bob
print(message, sign)

# Bob verifying the signature
# Step 1: calculate the hash value of the message
sha256 = hashlib.sha256()
sha256.update(message)
h = sha256.digest()
h = int.from_bytes(h, "big") % n
print("Hash value", h)
# Step 2: Verify the signature
verification = sign**e % n
print("Verification value", verification)

Running Result:

Eve trying to modify a signed message

import hashlib

def modify(m):
    l = list(m)
    l[0] = l[0] ^ 1
    return bytes(l)

# These are Alice's RSA keys
# Public key (e, n): 3 279379
# Secret key(d) 46387
n = 279379
e = 3
d = 46387

# This is the message that Alice wants to sign and send to Bob
message = "Bob you are awesome".encode()

# Step 1: hash the message
sha256 = hashlib.sha256()
sha256.update(message)
h = sha256.digest()
h = int.from_bytes(h, "big") % n
print("Hash value", h)
# Step 2:decrypt the hash value(use secret exponent)
sign = h**d % n
# Step 3: send message with signature to Bob
print(message, sign)

# This is Eve being evil and modifies the message
message = modify(message)
print(message)

# Bob verifying the signature
# Step 1: calculate the hash value of the message
sha256 = hashlib.sha256()
sha256.update(message)
h = sha256.digest()
h = int.from_bytes(h, "big") % n
print("Hash value", h)
# Step 2: Verify the signature
verification = sign**e % n
print("Verification value", verification)

Running result (The hash values is different now):