To overcome the efficiency problem, let’s make use of a session key (discussed in Section 8.2.2). In particular, Alice (1) selects a random symmetric session key, $K_S$, (2) encrypts her message, m, with the symmetric key, (3) encrypts the symmetric key with Bob’s public key, $K_B^+$, (4) concatenates the encrypted message and the encrypted symmetric key to form a “package,” and (5) sends the package to Bob’s e-mail address. The steps are illustrated in Figure 8.19. (In this and the subsequent figures, the circled “+” represents concatenation and the circled “–” represents deconcatenation.) When Bob receives the package, he (1) uses his private key, $K_B^-$, to obtain the symmetric key, $K_S$, and (2) uses the symmetric key $K_S$ to decrypt the message m.

Having designed a secure e-mail system that provides confidentiality, let’s now design another system that provides both sender authentication and message integrity. We’ll suppose, for the moment, that Alice and Bob are no longer concerned with confidentiality (they want to share their feelings with everyone!), and are concerned only about sender authentication and message integrity. To accomplish this task, we use digital signatures and message digests, as described in Section 8.3. Specifically, Alice (1) applies a hash function, H (for example, MD5), to her message, m, to obtain a message digest, (2) signs the result of the hash function with her private key, $K_A^-$, to create a digital signature, (3) concatenates the original (unencrypted) message with the signature to create a package, and (4) sends the package to Bob’s e-mail address. When Bob receives the package, he (1) applies Alice’s public key, $K_A^+$, to the signed message digest and (2) compares the result of this operation with his own hash, H, of the message. The steps are illustrated in
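The authentication-and-integrity exchange described above, carried through for both Alice and Bob as an added example (it is not code from the textbook). Assumptions: SHA-256 stands in for the text's MD5, Alice's key pair is a constructed demo key built from two Mersenne primes, and the signature is unpadded "textbook" RSA to mirror the notation; deployed systems use a padded scheme such as RSA-PSS with properly generated keys.

```python
import hashlib

# Constructed demo key pair for Alice: two Mersenne primes, trivially factorable.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537                              # public exponent:  K_A^+ = (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent: K_A^- = (N, D)
SIG_LEN = (N.bit_length() + 7) // 8    # fixed signature width in bytes


def digest(m: bytes) -> int:
    """H(m) as an integer; SHA-256 is used here in place of the text's MD5."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def alice_send(m: bytes) -> bytes:
    """Alice's steps 1-3: hash m, sign the digest with K_A^-, append the signature."""
    sig = pow(digest(m), D, N)         # unpadded textbook RSA signature (assumption)
    return m + sig.to_bytes(SIG_LEN, "big")


def bob_verify(package: bytes, n: int = N, e: int = E) -> bool:
    """Bob: deconcatenate, apply K_A^+ to the signature, compare with his own H(m)."""
    if len(package) < SIG_LEN:
        return False                   # too short to contain a signature
    m, sig = package[:-SIG_LEN], int.from_bytes(package[-SIG_LEN:], "big")
    if sig >= n:
        return False                   # not a valid residue for this key
    return pow(sig, e, n) == digest(m)


if __name__ == "__main__":
    pkg = alice_send(b"Meet me at noon. -Alice")
    print("genuine package verifies: ", bob_verify(pkg))
    # Same signature, altered message body: Bob's own hash no longer matches.
    print("tampered package verifies:", bob_verify(b"Meet me at nine" + pkg[15:]))
```

Because the message travels unencrypted, anyone can read it, but any change to the message or the signature makes Bob's comparison fail.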