Class 14: Digital Signatures

Computing in Molecular Biology and Genetics 1

Andrés Aravena, PhD

16 November 2020

Do I have your homework?

In the homework I asked you to send me a file

How can we verify that we have the same file?

How can we be sure that nobody changed it?

How to be sure without showing the content of the file?

Digital signature

An answer to these question is given by digital signatures

They are not digital pictures of a handwritten signature

Instead they are a unique number that identifies the exact document

This number is called digest. It is produced by a crypotgraphic hash function

Cryptographic hash function

MD5 hash function

  • The input is a file (all the characters)

  • The output is the digest

  • The same input produces always the same digest

  • Different inputs produce different digests

  • If the input changes, the digest changes

  • If the input changes a little, the digest changes a lot

How do you validate the file?

Go to http://onlinemd5.com/ or any other service you find on Google

The evaluation is done in your computer. The file is not sent by the internet

How do you validate the file?

You can take the file you attached, get the digest and compare with the one I created

If they are the same we are sure that I have your file

And we do not need to show the content

Application: Intellectual Property

Imagine you are working in a project

  • You have an idea, a draft or some data that is confidential
  • You do not want to make it public (yet)
  • But you want to show that you have this document today

You can get the MD5 digest and publish it

  • on a newspaper
  • on Facebook
  • or anywhere you can look back and show the date and the digest