Digital Signature : How it Works

Digital Signature is a cryptographic method, in which a value is calculated which is called a digital signature which allow to establish authorship and affiliation. Encryption and Decryption is related to cryptographic methods. Digital signatures are asymmetric cryptosystems and consequently use a key pair, consisting of a secret key or private key and a public key. In order to assign a signature key signature of a person, the corresponding verification key of this person must be assigned unequivocally. Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. In some countries, including the United States, India and members of the European Union, electronic signatures have legal significance.

The Basic Principle of Digital Signature

Digital signatures can be secure electronic signatures (advanced electronic signatures No. 2 or qualified electronic signatures gem No. 3 ). However, the terms digital signature and electronic signature are not identical : first the electronic signatures do not necessarily based on digital signatures; secondly, a digital signature is a mathematical or technical term, while electronic signature is a legal term.

For the data to be signed, the signature is computed by a unique calculation rule and the private signature key is generated. Various data must lead with probability bordering on certainty to a different signature and the signature must have a different value for each key result. In deterministic digital signature schemes, the digital signature is uniquely defined by the message and the key in probabilistic digital signature schemes go with random values ??in the signature calculation, so that the digital signature can take generate different values for a key.

A digital signature private key usually is not applied directly to the message, but their hash value (such as SHA-1 is) is calculated from the message using a hash function. To prevent attacks, this hash function must collision resistant, i.e. it must be virtually impossible to find two messages whose hash value are identical.

The RSA signature scheme is most commonly used, the operations used are almost identical to those of the RSA encryption, is occasionally used in creating a digital signature from the “Encryption” or “decoding” the hash value. This terminology, however, is inappropriate because a signature-creation syntax is something other process than an encryption or decryption. For most digital signature schemes (eg DSA ) this equation therefore does not apply.

Known Methods for Digital Signature

By far the best known and most widely used digital signature method is RSA, for filling the hash value (padding), as in PKCS #1 standard can be used. The security of RSA is based on the difficulty to break large numbers into their prime factors (factorization). This is also the basis for the security of the signature scheme.

Many digital signature scheme based on the discrete logarithm in finite fields, such as DSA, the El-Gamal, Schnorr signature, Pointcheval-Stern signature, XTR or the Cramer-Shoup signature. All methods based on the discrete logarithm (in finite fields or elliptic curves) are probabilistic and use in addition to the key length other public parameters. Other digital signature schemes based on linear codes, like the McEliece Niederreiter signature, or on lattices, such as the Goldreich-Goldwasser-Halevi-signature or NTRU. The Merkle signature uses hash trees and is based solely on the security of the hash function. Some digital signature schemes have certain properties, such as undeniable signatures or blind signatures, where the signer does not know what he signed, while others allow the signed message to go for message recovery, such as the Nyberg-Rueppel signature. In principle, any digital signature scheme can be combined with any hash functions, as long as the length of the hash is suitable for the chosen parameters of the signature process.

How Digital Signature Works

Applications of Digital Signatures are mainly for maintaining or creating :

1. Authentication
2. Integrity
3. Non-repudiation

To create RSA signature keys, generating an RSA key pair containing a modulus N that is the product of two large primes, along with integers e and d such that e d ? 1 (mod ?(N)), where ? is the Euler phi-function. The signer’s public key consists of N and e, and the signer’s secret key contains d. To sign a message m, the signer computes ? ? md (mod N). To verify, the receiver checks that ?e ? m (mod N).

As organizations move away from paper documents with ink signatures or authenticity stamps, digital signatures can provide added assurances of the evidence to provenance, identity, and status of an electronic document as well as acknowledging informed consent and approval by a signatory. The United States Government Printing Office (GPO) publishes electronic versions of the budget, public and private laws, and congressional bills with digital signatures.