Читать книгу Cryptography, Information Theory, and Error-Correction - Aiden A. Bruen - Страница 83

Just as the encryption algorithm for PGP and GPG are very similar to TLS, so is the authentication mechanism. A hash of the e‐mail message is encrypted with the user's private key, and then appended to the end of the message. Then when the e‐mail is received, the user's computer may decrypt this message with the sender's public key and check that the hash corresponds to the hash of the current message. This procedure may serve two purposes. It authenticates the original message sender (the person in possession of the private key used to encrypt the message hash), and it almost guarantees that the message wasn't altered since its signing since, with a strong enough hashing algorithm, it is highly unlikely that two messages hash to the same value.

For more information on the encryption of e‐mail, see “Trustworthy Email” by Rose et al., [RNGC19].