What is a Digital Signature?
Digital Signatures are used to ensure the identity of a sender. In conjunction with Message Digests, Digital Signatures prevents someone from altering a message and falsely claiming you wrote the altered message. Digital Signatures are a byproduct of public key cryptography, as demonstrated below. (Believe me, it is simpler to describe the concept of a Digital Signature by taking an example).
First, let us describe the key pair with its two keys:
|Key Pair||Related pair of keys (binary data) generated using a key pair generating algorithm.|
|Private Key||The sender's secret/private key, from the key pair above. This key must never be known by anybody but the sender.|
|Public Key||The sender's public key, from the key pair above. This key may be freely distributed to anybody.|
The process of creating a Digital Signature is fairly straighforward:
|Create a Message Digest||The Message Digest data block is produced from the plaintext message.|
|Sign the Message Digest with the user's Private Key||The Message Digest is signed with the key which is kept by the sender only.|
|Digital Signature verification||Using the public key of the sender, any recipient can verify that the decrypted Message Digest matches the plaintext's.|
Since the sender of the message is the only person who has possession of the private key, the recipient may verify the identity of the sender.