What is a Digital Signature?
Created May 4, 2012
Lennart Jorelid
Digital Signatures are used to ensure the identity of a sender. In conjunction with Message Digests, Digital Signatures prevents someone from altering a message and falsely claiming you wrote the altered message. Digital Signatures are a byproduct of public key cryptography, as demonstrated below. (Believe me, it is simpler to describe the concept of a Digital Signature by taking an example).
First, let us describe the key pair with its two keys:
| Concept | Illustration | Description |
|---|---|---|
| Key Pair |  |
Related pair of keys (binary data) generated using a key pair generating algorithm. |
| Private Key |  |
The sender's secret/private key, from the key pair above. This key must never be known by anybody but the sender. |
| Public Key |  |
The sender's public key, from the key pair above. This key may be freely distributed to anybody. |
The process of creating a Digital Signature is fairly straighforward:
| Process Step | Illustration | Description |
|---|---|---|
| Create a Message Digest |  |
The Message Digest data block is produced from the plaintext message. |
| Sign the Message Digest with the user's Private Key |  |
The Message Digest is signed with the key which is kept by the sender only. |
| Digital Signature verification |  |
Using the public key of the sender, any recipient can verify that the decrypted Message Digest matches the plaintext's. |
Since the sender of the message is the only person who has possession of the private key, the recipient may verify the identity of the sender.