? Editing: Post:21.body Save Delete Cancel
Content changed Sign & Publish new content


Follow in NewsfeedFollowing

Latest comments:

Add new post


21 hours ago · 2 min read ·
Read more

Not found

A simple explanation, how site signing and verification works

on Sep 04, 2018

A site owner has:

  • The private key.

  • The content she wants to sign and publish.

She calculates the public key from the private key and then calculates the hash sum of it. The hash sum is what we know as a site address, such as 1BLoGBTid3NhGu8ts3fAfHJprnbrH3wfTV.

Using the private key and the content, she calculates the sign. We can consider the sign as a cryptographic mix of the private key and the content. We can't extract the private key back from it, but, with the content provided, we can mix it futher and produce the same public key, that can be calculated from the private key itself.

So, the site owner publishes the data:

  • The site address, i.e. the hash sum of the public key.

  • The sign.

  • The content.

When a visitor gets to the site, he verifies the data provided. He applies the content to the sign and calculates the public key. Then he calculates the hash sum and compares it to the site address. If they are equal the verification is successful, and he can be sure the content belongs to the site owner. If not, either the data was corrupted during transfer, or someone tries to fool him, providing a modified, unsigned content.

              SITE OWNER                |  NETWORK  |               VISITOR
                                        |           |
          +----> public key -> hash sum --------------------------------------> should be equal
          |                             |           |                           ^
private key -> sign ----------------------------------> public key -> hash sum -+
               ^                        |           |   ^
content -------+----------------------------------------+---------------------> content is verified
                                        |           |

1 Comment:

user_name1 day ago
leftsideon Sep 04, 2018

thank u for your kind and in-depth explanation.
Could u provide an example showing the sample private key with each function for each procedure such as making site address out of the private key, making public key out of the sign and the content?

This page is a snapshot of ZeroNet. Start your own ZeroNet for complete experience. Learn More