User Manual
Enterprise Self-Encrypting Drive User’s Guide, Rev. B 27
Figure 18. Using the hash digest as the sender’s signature
To ensure privacy, we can take this process one stage further as shown in Figure 19. In this case, Marge signs the mes-
sage as before, but before transmitting it to Alan, she encrypts both the message and the appended signature with
Alan’s public key.
When Alan receives the transmission, the first thing he does is decrypt the package with his private key. Once that is
done he has the plain text message and the digital signature and he can continue to process the information as he did
in Figure 18.
It has taken a fair amount of extra work, but at the end of it all, Marge can be sure that her message was secure and
that Alan knows that it came from her and not some interceptor who is snooping on the network.
It is easy to get confused about what keys to use to encrypt messages and which to use for signatures, so here’s a
summary:
Marge’s private key: Used to sign messages to Alan and decrypt messages from Alan
Marge’s public key
1
: Used by Alan to encrypt messages to Marge
Alan’s private key: Used to sign messages to Marge and decrypt messages from Marge
Alan’s public key: Used by Marge to encrypt messages to Alan.
Figure 19. Signed messaging with privacy
1 Marge would exchange public keys with anyone else on the network with whom she wants to exchange secure messages. A message encrypted
with a public key can only be decrypted with the receiver's private key so there is no danger to privacy by distributing multiple copies of her public
key.