What is Digital Signature?

What is Digital Signature?

Digital Signature We said that security provides four services in relation to a single message: privacy, authentication, integrity, and non-repudiation.
We have already discussed privacy. The other three can be achieved by using what is called digital signature.
The idea is similar to the signing of a document. When we send a document electronically, we can also sign it.
We have two choices: We can sign the entire document, or we can sign a digest (condensed version) of the document.
Signing the Whole Document
Public-key encryption can be used to sign a document. However, the roles of the public and private keys are different here.
The sender uses her private key to encrypt (sign) the message just as a person uses her signature to sign a paper document.
The receiver, on the other hand, uses the public key of the sender to decrypt the message just as a person verifies from memory another person’s signature.
Signing the Digest
We said before that public-key encryption is efficient if the message is short. Using a public key to sign the entire message is very inefficient if the message is very long.
The solution is to let the sender sign a digest of the document instead of the whole document.
The sender creates a miniature version or digests of the document and signs it; the receiver then checks the signature on the miniature.
To create a digest of the message, we use a hash function. The hash function creates a fixed-size digest from a variable-length message.

Scroll to Top