146 Chapter 5 • XML Digital Signatures

authenticate your signatures. Proper key management is still a requirement with a public key system. The secrecy of your private key must be maintained. Also, the public key must be published in such a way that it is trusted to actually be yours and not that of somebody else posing as you. As mentioned before, these key management issues are beyond the scope of this chapter.

Why a Signature Binds Someone to a Document

Digitally signing a document requires the originator to create a hash of the message itself and then encrypt that hash value with his own private key. Only the originator has that private key, and only he can encrypt the hash so that it can be decrypted using his public key. The recipient, upon receiving both the message and the encrypted hash value, can decrypt the hash value, knowing the originator's public key. The recipient must also generate the hash value of the message and compare the newly generated hash value with the decrypted hash value received from the originator. If the hash values are identical, it proves that the originator created the message, because only the actual originator could encrypt the hash value correctly.

This process differs from that of a MAC in that even the recipient cannot generate the identical signature, because he does not have the private key. As a result, we now have non-repudiation: only the originator could have created the signature (provided that the private key has not been compromised by being lost or stolen).

Again, a signature is not a guarantor. A perfectly mathematically valid signature may have been created through attack or in error. Even VeriSign messes up every now and then. Entropy always wins.

Learning the W3C XML Digital Signature

The XML specification is responsible for clearly defining the information involved in verifying digital certificates.
XML digital signatures are represented by the Signature element, which has a structure in which:

• * represents zero or more occurrences.
• + represents one or more occurrences.
• ? represents zero or one occurrences.

We assume that the secret key is properly and securely managed so that the originator and the recipients are the key's only possessors.

www.syngress.com
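The hash-then-sign and verify steps described under "Why a Signature Binds Someone to a Document," with a MAC for contrast, as an added example that is not from the book. It uses textbook RSA without padding and a demo key built from two fixed Mersenne primes (assumptions for illustration; the function names are hypothetical), so it shows the mechanism only and is not a usable signature scheme.

```python
import hashlib
import hmac

# Demo-only key built from two known Mersenne primes (constructed for this
# example; real keys use random primes and a padding scheme such as RSA-PSS).
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the originator only


def digest_int(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Originator: hash the message, then apply the private key to the hash."""
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recipient: recover the hash with the public key, recompute it, compare."""
    return pow(signature, e, n) == digest_int(message)


def mac(message: bytes, shared_key: bytes) -> bytes:
    """MAC for contrast: every holder of shared_key computes the same tag."""
    return hmac.new(shared_key, message, hashlib.sha256).digest()


if __name__ == "__main__":
    msg = b"<Order><Item>widget</Item><Qty>10</Qty></Order>"  # constructed sample
    sig = sign(msg)
    print("valid signature verifies:", verify(msg, sig))
    print("tampered message verifies:", verify(msg.replace(b"10", b"99"), sig))
    # The recipient knows only (E, N); a value made with E instead of D fails.
    print("made with public exponent verifies:", verify(msg, sign(msg, d=E)))
    key = b"shared-secret"  # constructed sample
    same = hmac.compare_digest(mac(msg, key), mac(msg, key))
    print("recipient can recreate the MAC tag:", same)
```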