
Signing in the Cloud: KMS, RSA and OpenSSL


In 1978, Rivest, Shamir, and Adleman published the classic paper [1].

It created the RSA encryption and digital signing method, and in 2022 the method is still going strong. While elliptic curve methods are used in Bitcoin and Ethereum for digital signing, the rock of digital signing on the Web is still built on RSA. In fact, the vast majority of digital certificates are RSA-based. It is thus RSA signing that provides the core of trust on the Web.

And what has changed since 1978? Well, the public cloud is now often our default platform, and we increasingly work in AWS or Azure. So, let’s create an RSA signature and, to make sure it works, check it with OpenSSL.

The keys

With digital signing we often use RSA. With this, Alice uses her private key (d,N) to encrypt the message and produce a signature (sig). This is then passed to Bob, who takes the signature and Alice’s public key (e,N), and then decrypts to recover the message. If the decrypted message is the same as the original message, the signature is valid.
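The sign-and-verify flow above, as an added Python example (not code from the original article). It assumes textbook RSA over a SHA-256 digest of the message rather than the message itself, uses two small constructed primes, and omits the PKCS#1 v1.5 or PSS padding that production signatures use; the function names are illustrative.

```python
import hashlib

# Constructed demo primes (the Mersenne primes 2^61-1 and 2^89-1).
# They are far too small for real use and only keep the example fast.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537  # common public exponent


def make_keys(p=P, q=Q, e=E):
    """Return Alice's private key (d, N) and public key (e, N)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (d, n), (e, n)


def digest_int(message: bytes, n: int) -> int:
    """SHA-256 of the message as an integer, reduced mod N (toy encoding, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """Alice: sig = H(m)^d mod N."""
    d, n = private_key
    return pow(digest_int(message, n), d, n)


def verify(message: bytes, sig: int, public_key) -> bool:
    """Bob: recover sig^e mod N and compare it with H(m) computed locally."""
    e, n = public_key
    return pow(sig, e, n) == digest_int(message, n)


if __name__ == "__main__":
    private_key, public_key = make_keys()
    msg = b"Hello from Alice"  # constructed sample message
    sig = sign(msg, private_key)
    print("signature:", hex(sig))
    print("valid message:   ", verify(msg, sig, public_key))
    print("tampered message:", verify(b"Hello from Mallory", sig, public_key))
    print("altered signature:", verify(msg, (sig + 1) % public_key[1], public_key))
```

Only the holder of d can produce a value that maps back to the digest under e, so both a changed message and a changed signature fail the comparison.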


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
