What email address or phone number would you like to use to sign in to Docs.com?
If you already have an account that you use with Office or other Microsoft services, enter it here.
Or sign in with:
Signing in allows you to download and like content, and it provides the authors analytical data about your interactions with their content.
Embed code for: Digital Signature - Khareem
Select a size
Digital signatures Cryptography
Introduction to Digital Signature
Digital signatures are the public-key primitives of message authentication. In the physical world, it is common to use handwritten signatures on handwritten or typed messages. They are used to bind signatory to the message.
Cont. Introduction to Digital Signature
Similarly, a digital signature is a technique that binds a person/entity to the digital data. This binding can be independently verified by receiver as well as any third party.
Digital signature is a cryptographic value that is calculated from the data and a secret key known only by the signer.
Model of Digital Signature Scheme
The digital signature scheme is based on public key cryptography.
Generation of a Digital Signature
Example use: Digital Certificates
A digital certificate is a certificate issued by a CA to verify the identity of the certificate holder. It actually uses a digital signature to attach a public key with a particular individual or an entity.
Digital certificates are widely used on websites based on HTTPS (such as E-commerce sites) to make the users feel safe in interacting with the website.
Importance of Digital Signature
Message authentication − When the verifier validates the digital signature using public key of a sender, he is assured that signature has been created only by sender who possess the corresponding secret private key and no one else.
Data Integrity − In case an attacker has access to the data and modifies it, the digital signature verification at receiver end fails. The hash of modified data and the output provided by the verification algorithm will not match. Hence, receiver can safely deny the message assuming that data integrity has been breached.
Non-repudiation − Since it is assumed that only the signer has the knowledge of the signature key, he can only create unique signature on a given data. Thus the receiver can present data and the digital signature to a third party as evidence if any dispute arises in the future.
By adding public-key encryption to digital signature scheme, we can create a cryptosystem that can provide the four essential elements of security namely − Privacy, Authentication, Integrity, and Non-repudiation.
A hash function is any function that can be used to map data of arbitrary size to data of fixed size.
The following points explain the entire process in detail −
1. Each person adopting this scheme has a public-private key pair.
2. Generally, the key pairs used for encryption/decryption and signing/verifying are different. The private key used for signing is referred to as the signature key and the public key as the verification key.
3. Signer feeds data to the hash function and generates hash of data.
4. Hash value and signature key are then fed to the signature algorithm which produces the digital signature on given hash. Signature is appended to the data and then both are sent to the verifier.
5. Verifier feeds the digital signature and the verification key into the verification algorithm. The verification algorithm gives some value as output.
6. Verifier also runs same hash function on received data to generate hash value.
7. For verification, this hash value and output of verification algorithm are compared. Based on the comparison result, verifier decides whether the digital signature is valid.
8. Since digital signature is created by ‘private’ key of signer and no one else can have this key; the signer cannot repudiate signing the data in future.
data and modifies it, the digital signature verification at receiver end fails. The hash of modified data and the output provided by the verification algorithm will not match. Hence, receiver can safely deny the message assuming that data integrity has been breached.
4. Hash value and signature key are the