verifying the signature in SSH-2 - SSH

This is a discussion on verifying the signature in SSH-2 - SSH ; do you decrypt the signature with the public key and compare it against the hash of the message or do you encrypt the the hash of the message with the public key and compare it against the signature?...

+ Reply to Thread
Results 1 to 3 of 3

Thread: verifying the signature in SSH-2

  1. verifying the signature in SSH-2

    do you decrypt the signature with the public key and compare it
    against the hash of the message or do you encrypt the the hash of the
    message with the public key and compare it against the signature?


  2. Re: verifying the signature in SSH-2

    yawnmoth wrote:
    > do you decrypt the signature with the public key and compare it
    > against the hash of the message or do you encrypt the the hash of the
    > message with the public key and compare it against the signature?


    Assuming you're talking about RSA, the former. (If you did the
    latter, you'd be reconstructing the signature without using the
    private key, so it wouldn't be much good as a signature algorithm.)

    In DSA, this is a meaningless question, because DSA keys don't do
    anything you could sensibly describe as encryption or decryption.
    --
    Simon Tatham "_shin_, n. An ingenious device for
    finding tables and chairs in the dark."

  3. Re: verifying the signature in SSH-2

    On Jul 4, 3:15 am, Simon Tatham wrote:
    > yawnmoth wrote:
    > > do you decrypt the signature with the public key and compare it
    > > against the hash of the message or do you encrypt the the hash of the
    > > message with the public key and compare it against the signature?

    >
    > Assuming you're talking about RSA, the former. (If you did the
    > latter, you'd be reconstructing the signature without using the
    > private key, so it wouldn't be much good as a signature algorithm.)

    Hmmm - that's a good point


+ Reply to Thread