Let’s introduce asymmetric cryptography. In a public key infrastructure, a standard user owns 2 keys: one private and one public.
Bob now wants to sign his message. The purpose is to authenticate him as well as to attest to the message's integrity. To do this, a hash function, SHA-512, is applied. A hash function produces data of a fixed size from data of arbitrary size. The mail message content is hashed. Finally, Bob encrypts the hash value using his private key.
Bob sends the mail to Alice. He doesn’t encrypt it, but he signs it.
Now Alice must verify the signature that comes along with the mail.
To do it, 2 operations are performed:
- Hashing the mail content
- Deciphering the signature with Bob's public key, which yields a hash
If the 2 results are the same hash value, then the signature is verified!
That is all there is to the signature mechanism!
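The signing and verification steps described above, as an added example that is not part of the original page. It uses only the Python standard library and a constructed, insecure demonstration key (two Mersenne primes); the function names are hypothetical. It applies RSA directly to the hash to mirror the description, whereas production signatures add a padding scheme such as RSASSA-PSS through a vetted library.

```python
import hashlib

# Constructed demonstration key: two Mersenne primes. NOT secure, never reuse.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (needs Python 3.8+)


def sha512_int(message: bytes) -> int:
    """Hash arbitrary-size data to a fixed 512-bit value, as an integer."""
    return int.from_bytes(hashlib.sha512(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Bob: hash the mail content, then apply the private key to the hash."""
    return pow(sha512_int(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Alice: hash the mail, decipher the signature, compare the two hashes."""
    if not 0 <= signature < n:       # reject out-of-range values outright
        return False
    return pow(signature, e, n) == sha512_int(message)


if __name__ == "__main__":
    mail = b"Hi Alice, lunch at noon? -- Bob"   # constructed sample message
    sig = sign(mail)
    print("genuine mail:", verify(mail, sig))
    print("altered mail:", verify(mail.replace(b"noon", b"nine"), sig))
    print("altered sig: ", verify(mail, sig ^ 1))
```

The mail travels in clear text next to the signature; only the hash is processed with the private key, so any change to either the mail or the signature makes the two hashes differ.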