I get email from some folks that have a line at the beginning:
BEGIN PGP SIGNED MESSAGE
And then near the end of their message there’s:
BEGIN PGP SIGNATURE
followed by some gobbledygook. Now I see that same stuff in some of your
responses to comments on your site. What’s it all about?
What you’re seeing is called a “signature”. It’s digital data that
accompanies a message, and is somewhat similar to a hand-written signature,
except for two important facts:
It can be used to validate that the message came from who it claims to come
It can be used to prove that the message wasn’t tampered with.
These days both of those can be pretty important.
Let’s look at how, at a high level, this type of signing works.
Become a Patron of Ask Leo! and go ad-free!
I’ve actually discussed this technology before, in the context of sending encrypted email. That’s
because signing and encryption are tightly coupled, and the same tools and
“keys” can be used for both.
We need to start with a concept: public key encryption. With this type of
encryption, you generate a key pair. Call them “A” and “B”. Something
encrypted using key “A” can only be decrypted with key “B”, and something
encrypted with key “B” can only be decrypted with key “A”.
Now, if I create a pair of those keys, I can make one public and keep the other one a closely
guarded private/secret key. That means a few interesting things can happen:
Someone can take my public key and
use it to encrypt something. Once encrypted only I can decrypt it
using my matching private key. Even the person who encrypted it cannot decrypt
it. It’s a secure way to encrypt data such that it can be seen only by the
I can encrypt something with my private key, that then anyone can
decrypt with my public key. Now, that seems kinda silly, if anyone can decrypt
it. Except that if it can be decrypted using my public key, then only I
could have encrypted it using my private key. It validates that the
encryption could only have been performed by me.
That last point forms the basis for message signing.
I can hear you saying “But … the message isn’t encrypted! I can still read
That’s correct, but something is, and that’s an important second half of the
And it’s time for another concept: the hash. A hash is nothing more than a
complex mathematical function. It takes all the characters in a message,
number-crunches the heck out of them, and produces a number. The hash function
most commonly used today is called “SHA1”. In fact, underneath that “BEGIN PGP
SIGNED MESSAGE” line, you’ll probably see a line that says “Hash: SHA1”. That
means that as part of the signing process the SHA1 hash function was used on
the message to calculate the hash value … the number.
The SHA1 hash function has some very important characteristics:
If anything within the message changes by even the slightest
amount, the number calculated by the hash function will change fairly
The chances of any two messages generating exactly the same hash
value is statistically insignificant. It’s almost guaranteed that the hash will
always be different for different messages, no matter what.
It’s impossible to alter a message in order to have it generate a specific,
desired hash value.
Given a hash value, you can tell nothing about the message that
So now we put it all together to “sign” a message.
First, we calculate the hash value of the message. In the messages you’ve
seen, the message is the part between “BEGIN PGP SIGNED MESSAGE” and “BEGIN PGP
Next, we encrypt that hash value with someone’s private key. For example
when I sign something, I use my private key to do so.
must have come from the person who holds the matching private key.”
Finally, a text version of that encrypted hash value is placed at the end of
the message, between the “BEGIN PGP SIGNATURE” and “END PGP SIGNATURE”.
OK, now what?
If the signature can be decrypted using the appropriate public key, it
must have come from the person who holds the matching private key. If
using my public key you can decrypt the signature of a message I sign, then it
must have come from me.
If you calculate the hash value of the message, and it matches the hash
value that you just decrypted, then you know that the message was not altered
in any way after it was signed.
Both of those are pretty powerful statements to be able to make.
Now, we tend to think of signing with respect to email. Email messages travel
over an untrusted network and we might want to be able to confirm they haven’t been
changed, and came from whom they claim to have come from.
So why have I started occasionally using it when I post a comment on this
Because anyone can claim to be me. There’s no validation of the user name or
email address when someone posts a comment. While I do try to remove imposters,
some may slip through. By signing my comments using this technique, anyone can
independently verify that I was the author of the message by validating the
In fact, here’s that previous paragraph, signed:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Because anyone can claim to be me. There's no validation of the user name or email address when someone posts a comment. While I do try to remove imposters, some may slip through. By signing my comments using this technique, anyone can independently verify that I was the author of the message by validating the signature. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) iD8DBQFFxqRFCMEe9B/8oqERAqA2AJ91Tx4RziVzY4eR4Ms4MFsKAMqOoQCgg7y6 e5AJIRuLUIUikjNWQIW63QE= =aAhr -----END PGP SIGNATURE-----
Validate that against my public
key, and you’ll confirm that only I could have created that signature, and
thus only I could have signed that message. It further validates that the
message wasn’t altered after being signed.
Another thing to note: we keep talking about “messages”. In fact, any
digital data can be signed. I could sign a download, and after you download it
you could validate that download’s signature using my public key. If it
validates, you know that the download came from me, and was not altered.
In fact, the open source “GnuPG” tools
used for all this are, themselves, signed and verifiable exactly that way.
But… as you might expect, there’s a gotcha…
You pretty much have to be a geek to do it.
For email, there are plugins available for some email clients, but for
random other uses you need to get familiar with the tools, techniques and
terminology. If you take a look at How do I send encrypted email? you’ll
see some of the tools and how they’re used to send encrypted email. Those same
tools are used for signing as well.
Now, while I use the Enigmail plugin for Thunderbird that handles encryption
and signing transparently for email, I still have to do things by hand, using
those tools, for anything else. Like signing my comments.
I truly wish that public key encryption and signing were more accessible and
more widely adopted. Unfortunately complexity, as well as competing approaches
to email security specifically, are keeping that from happening.
But for now, if you have the need to perform this type of encryption and/or
validation, the tools are definitely out there.