11
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 20 Jun 2023
11 points (100.0% liked)
Technology
37443 readers
183 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
If you get the sha256 from the same place you got the main file, then anyone tampering with the main file could also recalculate the sha256 to match the tampered file. A signature signed with a certificate uses complex math (public-key asymmetric cryptography) to give some certainty that the signed content (the sha256) is the same sha256 that the original file author created. It’s not mathematically feasible to recalculate the certificate signature. Why don’t we just sign the whole original file with the public-key crypto and skip the sha256? Because asymmetric crypto is much, much slower than plain symmetric crypto or hash functions. It’s faster and easier to generate the valid hash or key, then sign or encrypt just the smaller key.
In other words, if the sha matches, then it wasn’t corrupted during downloading. If the signature matches, then it wasn’t tampered with before you downloaded it.
There’s also a third check. Even if the certificate signature is valid, you have to have confidence that the certificate is authentic and trusted to be from the original author. This is usually done by having a trusted third party sign the certificate with another, more trusted, certificate.
really its just different trust root authorities presuming we are still talking pk distribution infra involved here. alice and bob can of course always trade keys in other ways. if its distributed you have to root trust with a ledger (trust area: key ceremony, consensus protocol) or a CA (trust area: the CA chain, every step is another element of trust)