Sunday, July 16, 2006

CLR Inside Out: Using Strong Name Signatures -- MSDN Magazine, July 2006

CLR Inside Out: Using Strong Name Signatures -- MSDN Magazine, July 2006: "Strong name signatures (and signing in general) are a key facet of Microsoft® .NET Framework security. But regardless of how well designed .NET signatures may be, they won’t offer the maximum benefit if you don’t know how to use them properly. This installment of CLR Inside Out talks about strong names, strong name signatures, and how to use them.

A Short Refresher

Digital signatures are used to verify the integrity of data being passed from the originator (the signer) to a recipient (the verifier). The signatures are generated and verified using public key cryptography. The signer of a message has a pair of cryptographic keys: a public key, which everyone in the world knows, and a private key, which is kept secret by the signer. The verifier knows only the public key, which is used to verify that the signer knew the private key and the message.
In some cases, when some additional infrastructure is in place, digital signatures can also be used to reliably learn the name of the signer, and to ensure some chunk of data (a message, some code, or so on) has not been modified after the signer created the signature for the data.
Various mechanisms are used to implement digital signatures. The current implementation of strong names in the .NET Framework relies on the RSA public key algorithm and the SHA-1 hash algorithm."
