Based on my knowledge, all digital signature algorithms use a hash function to sign a message, and then encrypt the hash result. So why do these algorithms not use a checksum instead of a hash algorithm? By the end, both are going to encrypted, correct? A checksum is faster than a hash algorithm.
Asked
Active
Viewed 3,258 times
1 Answers
6
A digital signature can only sign a relatively small amount of information, which is why the digest is signed instead of the original message. Because of this limitation, the digest must be a faithful representation of the complete message. A cryptographically-secure hash is require to resist collision attacks, second preimage attacks, and preimage attacks, all of which can invalidate the guarantees that people expect from a digital signature. In other words, if one signature is valid for two distinct messages, the signature is useless. A cryptographically-secure hash prevents this.
Also note that digital signatures are not simply encrypted digests. This is a simplified explanation which is common, but technically incorrect. This answer describes signatures for RSA.
forest
- 15,626
- 2
- 49
- 103