Learning Resources

Digital signature

A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, India,[4] and members of the European Union, electronic signatures have legal significance.

In today’s electronic commercial, legal and academic environments the issue of an electronic document’s
authenticity and integrity is of the utmost importance. And as modern workflow in many sectors has evolved, using electronic documents rather than paper, the need for documents to pass through various hands requiring approval, editing and signing off on, need a secure way to verify the authenticity of any individual involved through this process. This is where Digital Signatures come in.
A digital signature scheme typically consists of three algorithms:

  • A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
  • A signing algorithm that, given a message and a private key, produces a signature.
  • A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects
  • the message's claim to authenticity.

Two main properties are required. First, a signature generated from a fixed file and fixed private key should verify the authenticity of that file by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.

Digital signature working

Public-private keys are used to pass sensitive information however it can also be used to provide authentication that a sender is who they say they are. It does not protect the contents of the message, it only proves it is from who it says its from.

It provides authentication and integrity but does not provide confidentiality, data is sent as normal but acts like a normal signature we use on a letter.

A digital signature works by creating a message digest which ranges from between a 128-bit and a 256-bit number which is generated by running the entire message through a hash algorithm. This generated number is then encrypted with the senders private key and added to the end of the message.

When the recipient receives the message they run the message through the same hash algorithm and generate the message digest number. They then decrypt the signature using the senders public key and providing the two numbers match they know the message is from who it says its from AND that is has not been modified.