Introduction: – In the previous tutorial, you have learned about the different ways of message authentication schemes and techniques. In this tutorial you will learn more about the authentication of digital messages and documents.
What is Digital Signature: –
Digital signature is a mathematical model implemented for validating the integrity and authenticity of any information, message, e-documents or software. You can say it as digitally equivalent of handwritten signature or the stamp-seal being made in papers and hard copies. But digital signatures provide more security, intended to solve the problem of impersonation at the time of digital communication.
It provides an assurance of originality as well as identity of status of any e-document or online information (digital forms) acknowledging the valid consent of the signer. In crypto-graphical terms, digital signatures are a form of public key for authentication of message. In the world of hard copies and analog information delivery, hand written signatures are considered valid and have the consent of the signer over that topic in document. Similarly, the digital
signatures provide a way to bind any digital signer or person to its associated digital data. That binding of data can be verified independently or by any third-party organisation as well.
Here’s a diagram of how Digital signatures features itself –
It has a cryptographic value that can be calculated from the data and its secret key known only to the digital signer of that e-document. It is mostly used in business applications where there lies a risk of dispute over data exchange which is critical.
How it works: –
Digital Signatures are dependent on public key cryptography, i.e. asymmetric encryption technique. For creating a digital signature, the signing software such as email programs or other business applications forms a 1-way hashing for the e-data to get signed. It then uses the private key for encrypting the hash. So the package that form from the encrypted hash along with the other information (i.e. the hashing algorithm) is in combination formed the digital
signature. The hash value remains unique to hashed data, so even if there is a change in single letter in the information, results in generating a different hash. Again to validate the integrity of data is enabled by the signer’s public key, which is actually used for decrypting the hash. Hence, if there is a difference between the two hash values, then it becomes clear that the data has been tempered or the integrity is not maintained.
Advantages of Digital Signature: –
- Maintains integrity of data
- Non repudiation is preserved
- Healthy authentication of message can be done