lotus

previous page: 5.2. How do I sign a message while still leaving it readable? (PGP)
  
page up: PGP FAQ
  
next page: 5.4. Are PGP signatures legally binding?

5.3. Can't you just forge a signature by copying the signature block to another message? (PGP)




Description

This article is from the PGP FAQ, by Jeff Licquia jalicqui@prairienet.org with numerous contributions by others.

5.3. Can't you just forge a signature by copying the signature block to another message? (PGP)

No. The reason for this is that the signature contains information
(called a "message digest" or a "one-way hash") about the message it's
signing. When the signature check is made, the message digest from
the message is calculated and compared with the one stored in the
encrypted signature block. If they don't match, PGP reports that the
signature is bad.

 

Continue to:













TOP
previous page: 5.2. How do I sign a message while still leaving it readable? (PGP)
  
page up: PGP FAQ
  
next page: 5.4. Are PGP signatures legally binding?