Term:digital signature

digital signature is a very large number that is computed from a digital document to verify both its authenticity and authorship.

The document being signed is first hashed, which generates a large number. That number is then encrypted, using the private key of its author. The resulting encrypted number accompanies the original document as its digital signature.

If the digital signature can be successfully decrypted using the author’s public key, that verifies authorship, because only the author could have encrypted it using his private/secret key.

The hash value of the message is recalculated, and if it matches the value resulting from the successful decryption, that verifies the document hasn’t been changed since being signed – any modification, however small, would cause the recalculated hash value to be different than the original one calculated before the message was signed.

Conversely, if the signature cannot be successfully decrypted using the author’s public key, authorship cannot be verified; if the decrypted signature’s value does not match the hash calculated from the document, then the authenticity of the document cannot be verified.

digital signature (Wikipedia)
Alice signs a message—"Hello Bob!"—by appending to the original message a version of the message encrypted with her private key. Bob receives the message, including the signature, and using Alice's public key, verifies the authenticity of the message, i.e. that the signature can be decrypted to match the original message using Alice's public key.
Alice signs a message—"Hello Bob!"—by appending to the original message a version encrypted with her private key. Bob receives both the message and signature. He uses Alice's public key to verify the authenticity of the message, i.e. that the encrypted copy, decrypted using the public key, exactly matches the original message.

A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit (integrity).

Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement electronic signatures, which includes any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including Canada, South Africa, the United States, Algeria, Turkey, India, Brazil, Indonesia, Mexico, Saudi Arabia, Uruguay, Switzerland, Chile and the countries of the European Union, electronic signatures have legal significance.

Digital signatures employ asymmetric cryptography. In many instances, they provide a layer of validation and security to messages sent through a non-secure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. They can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret. Further, some non-repudiation schemes offer a timestamp for the digital signature, so that even if the private key is exposed, the signature is valid. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.

« Back to Glossary Index