Non-Repudiation
The property that ensures a party cannot deny having performed an action. Combines proof of integrity (data unchanged) and proof of origin (data came from a specific sender). Analogous to a handwritten signature on a contract.
Hash / Hash Function
A mathematical algorithm that converts data of any length into a fixed-length output called a hash value. Any change to the input data produces a completely different hash. Used to verify data integrity.
Message Digest
Another term for a hash value. The fixed-length output of a hash function that uniquely represents the original data, like a digital fingerprint.
Fingerprint (data)
An informal term for a hash value β the unique identifier calculated from a piece of data. Just as a human fingerprint uniquely identifies a person, a data fingerprint uniquely represents a specific piece of data.
Proof of Integrity
Evidence that data has not been altered since it was created or sent. Achieved through hashing β if the hash of received data matches the original hash, the data is unchanged.
Proof of Origin
Evidence that a message came from a specific, authenticated sender. Achieved through digital signatures β the sender's private key creates a signature that only their public key can verify.
Digital Signature
A cryptographic mechanism created by hashing a message and encrypting the hash with the sender's private key. Provides both integrity (hash) and authentication (private key). Anyone can verify using the sender's public key.
Private Key
In asymmetric cryptography, the private key is kept secret by its owner and used to SIGN (encrypt the hash). Never shared. The mathematical counterpart to the public key.
Public Key
In asymmetric cryptography, the public key is shared openly and used to VERIFY (decrypt the signature). Anyone can have it. Created mathematically from the private key but cannot be used to derive the private key.
Asymmetric Encryption
Cryptography using a pair of mathematically related keys (public + private). What one key encrypts, only the other can decrypt. Used in digital signatures and key exchange.
Plaintext
The unencrypted, readable version of a message. In digital signatures, the plaintext is transmitted alongside the signature β the message itself does not need to be encrypted for the signature to work.
Certificate Authority (CA)
A trusted entity that issues and manages digital certificates, binding a public key to a verified identity. Enables trust verification in digital signature systems.
Digital Certificate
A document that binds a public key to an identity, signed by a trusted CA. Used to verify that a public key truly belongs to who claims to own it.
Hash Collision
When two different inputs produce the same hash value. A theoretical weakness in hash functions. Modern algorithms (SHA-256, SHA-3) are designed to make collisions computationally infeasible.
Authentication (origin)
In the context of non-repudiation, authentication means confirming the source of a message. Digital signatures authenticate the sender because only the holder of the private key can create a valid signature.