What is a Digital Signature?

Lennart Jorelid



Digital Signatures are used to ensure the identity of a sender. In conjunction with Message Digests, Digital Signatures prevent someone from altering a message and falsely claiming you wrote the altered message. Digital Signatures are a byproduct of public key cryptography, as demonstrated below. (Believe me, it is simpler to describe the concept of a Digital Signature by taking an example.)

First, let us describe the key pair with its two keys:

Key Pair: A related pair of keys (binary data) generated using a key-pair generation algorithm.
Private Key: The sender's secret/private key, from the key pair above. This key must never be known by anybody but the sender.
Public Key: The sender's public key, from the key pair above. This key may be freely distributed to anybody.

The process of creating a Digital Signature is fairly straightforward:

1. Create a Message Digest: The Message Digest data block is produced from the plaintext message.
2. Sign the Message Digest with the sender's Private Key: The Message Digest is signed with the key which is kept by the sender only.
3. Digital Signature verification: Using the public key of the sender, any recipient recomputes the Message Digest of the received plaintext and verifies that it matches the digest recovered from the signature.

Since the sender is the only person in possession of the private key, a signature that verifies under the sender's public key lets the recipient confirm the identity of the sender.
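The three steps above, carried out with RSA and SHA-256 from the Go standard library, as an added example that is not part of the original article; the key pair and the sample message are constructed here for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Step 1: the Message Digest is computed over the plaintext with SHA-256.
func messageDigest(plaintext []byte) []byte {
	sum := sha256.Sum256(plaintext)
	return sum[:]
}

// Step 2: the digest (not the whole message) is signed with the sender's private key.
func signDigest(priv *rsa.PrivateKey, plaintext []byte) ([]byte, error) {
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, messageDigest(plaintext))
}

// Step 3: anyone holding the sender's public key recomputes the digest of the
// plaintext they received and checks it against the signature. A mismatch means
// the message or signature was altered, or the key does not belong to the sender.
func verifySignature(pub *rsa.PublicKey, plaintext, sig []byte) bool {
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, messageDigest(plaintext), sig) == nil
}

func main() {
	// Key pair generation (constructed for this example; 2048-bit RSA).
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	msg := []byte("Pay Alice 100 EUR") // constructed sample message
	sig, err := signDigest(priv, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("original verifies:", verifySignature(&priv.PublicKey, msg, sig))
	tampered := []byte("Pay Alice 900 EUR") // altered message, same signature
	fmt.Println("tampered verifies:", verifySignature(&priv.PublicKey, tampered, sig))
	other, _ := rsa.GenerateKey(rand.Reader, 2048) // someone else's key pair
	fmt.Println("other key verifies:", verifySignature(&other.PublicKey, msg, sig))
}
```

Verification proves only that whoever signed held the matching private key; binding that public key to a real sender is the separate key-distribution problem.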