Understanding Digital Signatures

Understanding Digital Signatures

A digital signature is a mathematical scheme for ensuring the authenticity of data (document, email, etc). The digital signature assures that any changes made to the data that has been signed cannot go undetected. Digital signatures can also provide non-repudiation, meaning that the signer cannot claim they did not sign the document.

1. Using Key generation algorithms like RSA, a sender generates a key pair- a Public Key and a Private Key. The Public Key is available to anyone in public, while the Private Key is kept to the sender. A Key can encrypt data and another Key can decrypt data.

2. With the Private Key, a sender can put digital signatures on a document and other data.

3. Using a "hashing" algorithm like MD5, the sender performs the hash-function on the data. This creates a message-digest of the data. This function is irreversible.

4. The sender then encrypts this message-digest with his Private Key. The result is a digital signature.

5. This digital signature can be appended to a document. The sender then sends this digitally signed document.

6. The receiver after receiving this document, verifies the digital signature. The receiver decrypts the digital signature using the sender's Public Key and obtains the message-digest.

7. The receiver then performs the same hash-function on the document data and obtains its own message-digest.

8. If the message-digest obtained from the digital signature and the one obtained after performing the hash-function match, then the receiver can be assured that the data has not been changed.

Further reading:

1. http://en.wikipedia.org/wiki/Digital_signature
2. http://www.youdzone.com/signature.html