ies of virus-free .software. Any recipient can verify that the program re-mains virus-free.

If the signature verifies properly, then the verifier has confidence that the data was not modified after 1: Jing signed and that the owner of the public key was the signer. Digital signatures ensure authentication in the following way. In order to digitally sign a document, a user combines her private key and the document and performs a Computation on the composite (key+docurnent) in order to generate a unique number called the digital signature. For example, when an electronic document, such as an order form with a credit card number, is run through the digital signature process, the output is a unique fingerprint of the document. This fingerprint is attached to the original message and further encrypted with the signers private key. If a user is communicating with her bank, she sends the result of the second encryption to her bank. The bank then decrypts the document using her public key, and checks to see if the enclosed message has been tampered with by a third party. To verify the signature, the bank performs a computation involving the original document, the purported digital signature, and the customers public key. If the results of the computation generate a matching fingerprint of the document, the digital signature is verified as genuine; otherwise, the signature may be fraudulent or the message altered. Digital signatures, variations of which are being explored by several companies, are the basis for secure commerce. A digital signature provides a way to associate the message with the sender, and is the cyberspace equivalent of signing for purchases. In this way, consumers can use credit card accounts over the Internet

5.10 AUTHENTICATION AND INTEGRITY

Authentication Data authentication consists of two components: