Digital Signature and Encryption Process / Hierarchy

KTY Ning

11/25/23, 5:18 PM

I'm trying to get my head around this scenario. I understand that a private key can be used for signing a message to provide authentication and public key can be used for encrypting and its corresponding private key can be used to decrypt it. I came across this scenario and Ive been trying to research why this scenario will not work:

Suppose I changed the protocol in Kaufman & Perlman Plausibile Deniability Based on Public Key Technology, so that Alice first signs S, and then encrypts with Bob's public key. So instead of sending [{S}Bob]Alice to Bob, she sends {[S]Alice}Bob. Will this work?(can Bob be sure that the message came from Alice, but not be able to prove it to a third party?.

Why is the latter scenario a problem? Cant Bob just firstly use his private key to decrypt {[S]Alice}Bob and then use a Alice public key to verify [S]?

1 + 1

poncho

11/25/23, 10:57 PM

"some of my classmates argue that the digital signature will get loss"; how would it get lost? Bob's public key decryption algorithm will retrieve the entire encrypted message, which in this case includes the signature...

Score:0

Crypto

poncho

11/25/23, 10:45 PM

Why is the latter scenario a problem?

The issue isn't whether Bob can be sure that $S$ came from Alice, but whether he can prove it to anyone else.

He has $S$ along with the signature signed with Alice's private key; he can show that to anyone else; if they have Alice's public key (which we assume they do), they can validate the signature, and know that $S$ originally came from Alice.

This violates the 'plausible deniability' goal.

+ 2

Yusuf Ning

11/25/23, 11:50 PM

So what is the problem with the latter scenario? and whats the difference between the first scenario and the second? I believe its only a matter of process right? the first scenario is to use Alice public key to authenticate then decrypt S with Bob's private key - the latter is to decrypt with Bob's private key and then use Alice public key to authenticate. So whats the issue with the second one?

Yusuf Ning

11/26/23, 1:45 AM

And how does the first scenario help Alice to maintain 'plausible deniability? Cant Bob just use Alice public key to verify that [{S}Bob]Alice is from Alice and tell everyone that the {S}Bob is from Alice?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Digital Signature and Encryption Process / Hierarchy

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.