Digital Signature:- Digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message and possibly to ensure that the original content or message or documents that have been sent is unchanged. The digital signature is easily transportable Cannot be emitted by someone else and can be automatically time stamp, the ability to ensure that the original sign message arrives means that the sender Cannot easily repute later.
On the other hand, we can say that digital signature is a digital code that can be attached to an electronically transmitted message that uniquely identifies the Sender, like a written signature the purpose of the digital signature is to generate that the individual sending the message really is who he or she claim to be.
How to work digital signature:
A digital signature work by creating a message digit which ranges from between a 26-bit to 28-bit number which is generated by running the entire message through a hash function. This generated by running the entire message through the hash algorithm.
Entire process of digital signature
- Each person adopting this scheme has a public, private key pair
- Generally, key pair use for encryption, decryption and signing, verify is different. The private key is used for signing is refer to as signature key and the public key as the verification key.
- Signor feed data to the hash function and generated the Hash of data
- Hash value and Signature key are feed to the signature algorithm which produces the digital signature on given. Hash Signature is appended to the data and then both are sent to the verifier.
- verifier feeds the digital signature and verifying key into the verification algorithm, The Verification algorithm gives some value as output.
- Verifier also runs some hash function to receive data to generate Hash value.
- For verification this Hash value and output of verification algorithm are compared based on the comparing result, the verifier decides whether the signature is valid or not.
- Since a digital signature is created by the private key of the signor and no one else can have this key.
Importance of digital signature-
The digital signature can be very useful
- Message authentication-When the verifier validates the digital signature using the public key of a sender, he is assured that signature has been created by the sender who processes the corresponding separate private key and not one else
- Data Integrity – In case attackers have access to the data and Modify it, the digital signature verification at the receiver end file the hash of Modify data and the output provided by the verification algorithm will not match here the receiver can safely Deny the message assuming that data integrity has been a breach.
- No Reputation- since it is assumed that only the signor has the knowledge of the signature key he can only create a unique signature on a given data, the receiver can present data and the digital signature to a third party as evidence if any dispute arises in the future.
- Reliability and Security- Digital Signature make the environment more reliable, it is very helpful to prevent forgery and fraud.
- Speed- Digital signature has given speed to the word in past time to make sure that authorized person transactions were held in person to person and it took more time than average but now digital signature has solved this problem.
Encryption with a digital signature-
In many digital communicational channels, it is desirable to exchange an encryption message than plaintext. To achieve Confidentiality in private key encryption, scheme a private key of the sender is available in the open domain and hence anyone can spoof his identity and send an encrypted message to the receiver.
This makes it essential for users. employing for encryption to see digital Signature along with encrypted data to be assured of message authentication and non-reputation.
This can achieve by combining digital signature with encryption scheme there are two possibilities
- sign the Encrypted
- crypted the sign
However, the cryptosystem based on sign the encrypted can be exploited by the receiver to spoof the identity of senders and send the data to third parties, Hence this Method has not preferred the process of encrypted then sign is more reliable and widely adopted. The receiver receiving the encrypted data and signature on it. First Verify the signature using the sender public key after ensuring the validity of the signature, he retrieves the data through decryption using the private key.
I hope this post helps you to understand the Digi Signatures, workflow, process and its importance .
Keep learning 🙂