为什么SignHash需要知道使用什么哈希算法？ [英] Why does SignHash need to know what hash algorithm was used?

问题描述

这可能是 http://crypto.stackexchange.com 的问题，但我想我会先在这里尝试答案可能与.NET而不是加密算法本身有关。

在 RSACryptoServiceProvider类，有一个方法 SignHash ，其中：

通过使用私钥对指定的哈希值进行加密来计算签名。

第一个参数是数据的哈希值（看起来不错），但第二个参数是一个字符串，创建哈希值。

问题是为什么哈希算法很重要？当然所有的方法需要做的是使用它的私钥加密给定的值，并返回结果？如果它真的需要知道，为什么不RSACryptoServiceProvider有一个方法，只是这样（与适当的验证方法）？

解决方案<

收件人有两件事情：

• 邮件


• 签名（由寄件者私人密钥加密）

要验证邮件，收件人必须使用发件人的公钥解密签名，并检查邮件的哈希值。

如果未向接收者指定散列算法，则他们无法知道如何对消息进行散列，因此无法对其进行验证。

因此，必须向收件人指定算法。

为了使发送者指定哈希算法（谁知道签名是如何创建的） ，并且不能由任何其他人修改，则需要将其包括在签名内，并在散列旁边加密。

因此，为了创建有用的签名，在加密散列时需要指定散列算法。

This may be a question for http://crypto.stackexchange.com, but I thought I'd try it here first as the answer may relate to .NET rather than the encryption algorithm itself.

In the RSACryptoServiceProvider class, there's a method SignHash, which:

Computes the signature for the specified hash value by encrypting it with the private key.

The first argument is the hash value of the data (which seems fair), but the second is a string stating the algorithm used to create the hash value.

The question is why does the hash algorithm matter? Surely all the method needs to do is encrypt the given value using its private key and return the result? And if it really does need to know, why doesn't RSACryptoServiceProvider have a method which does just that (Along with an appropriate Verify method)?

解决方案

Thanks to Iridium for getting me thinking along the right lines here.

The recipient gets two things:

• The message
• The signature (encrypted by sender's private key)

To verify the message, the recipient is required to decrypt the signature using the sender's public key, and check that against the hash of the message.

If the hash algorithm isn't specified to the recipient, they have no way of knowing how to hash the message, so they can't verify it.

So the algorithm must be specified to the recipient.

In order for the hash algorithm to be specified by the sender (who knows how the signature was created), and not modifiable by anyone else, it needs to be included inside the signature, and encrypted alongside the hash.

So in order to create a useful signature, the hashing algorithm needs to be specified when encrypting the hash.

这篇关于为什么SignHash需要知道使用什么哈希算法？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！