Encyclopedia > Digital signature

  Article Content

Digital signature

Digital signatures are a method of authenticating digital information, in the same sense that an individual signing a paper document (or applying the seal of an organization) authenticates it.

A digital signature is itself simply a sequence of bits formatted according to one of a number of standards in the area.

Most digital signatures rely on public key cryptography to work, and a basic understanding of the principles of these systems is required to understand how digital signatures work. Consider the case of two people Alice and Bob. Bob wants Alice (and other people, for that matter) to be able to send secret messages to him. To do this, Bob generates a key pair - two related "keys", and distributes one widely (for instance, putting it on his webpage), and keeps one secret. Alice retrieves this widely distributed key (known as the public key) and scrambles the message using the public key. Once scrambled (encrypted) with the public key, it cannot be descrambled with it, so any person who intercepts the message and retrieves Bob's public key cannot read the contents. When Bob receives the message, Bob descrambles it using his secret key. Therefore, the message is kept secret, and Bob and Alice do not need another "secure" channel to exchange a shared key.

The above is a simple outline of the methods, and does not deal with the details of how the key pairs are generated, how they are applied to encyrpt and decrypt the message, and what prevents an attacker with access to the scrambled message and the public key from retrieving the unscrambled message or the secret key. See the public key cryptography article for more details.

For most public key algorithms, there is nothing particularly special about the private and public keys - choosing which one to use as the public key and which one to keep secret is purely a matter of choice. Therefore, consider a different scenario, where Bob wants to send a message to Alice that he wants to prove came from him (but doesn't care whether anybody else reads it). In this case, Bob sends an unscrambled copy of the message to Alice, along with a copy of the message scrambled with his secret key. Alice can then check whether the message really came from Bob by unscrambling the scrambled message with Bob's public key and comparing it with the unscrambled version. If they match, the message was really from Bob. In essence, this method is how digital signatures work (though with some refinements to improve performance and make things harder for attackers to deduce the secret key from the public key).

Often, Bob applies a cryptographically strong hash function to the message before encrypting it, to keep the signature significantly shorter than the message. In this case, the scheme may be susceptible to a birthday attack.

To finish: current and future applications, actual algorithms, standards, why not adopted as widely as expected, etc.

Some digital signature algorithms include:

All Wikipedia text is available under the terms of the GNU Free Documentation License

  Search Encyclopedia

Search over one million articles, find something about almost anything!
  Featured Article

... railway company DB is the abbreviation of Dominion Breweries[?], a major beer brewing company of New Zealand. This is a disambiguation page; that is, one tha ...

This page was created in 37.3 ms