8/9/2019 Ditigal Signature

1/2

6. Explain Digital Signature?

In cryptography, a digital signature or digital signature scheme is a type of

asymmetric cryptography used to simulate the security properties of a signature in

digital, rather than written, form. Digital signature schemes normally give two

algorithms, one for signing which involves the user's secret or private ey, and onefor verifying signatures which involves the user's pu!lic ey. "he output of the

signature process is called the #digital signature.#

Digital signatures, lie written signatures, are used to provide authentication of the

associated input, usually called a #message.# $essages may !e anything, from

electronic mail to a contract, or even a message sent in a more complicated

cryptographic protocol. Digital signatures are used to create pu!lic ey

infrastructure %&I( schemes in which a user's pu!lic ey %whether for pu!lic)ey

encryption, digital signatures, or any other purpose( is tied to a user !y a digital

identity certi*cate issued !y a certi*cate authority. &I schemes attempt to

un!reaa!ly !ind user information %name, address, phone num!er, etc.( to a pu!licey, so that pu!lic eys can !e used as a form of identi*cation.

Digital signatures are often used to implement electronic signatures, a !roader term

that refers to any electronic data that carries the intent of a signature+-, !ut not all

electronic signatures use digital signatures.+-+/-+0-+1- In some countries, including

the 2nited States, and in the European 2nion, electronic signatures have legal

signi*cance. 3owever, laws concerning electronic signatures do not always mae

clear their applica!ility towards cryptographic digital signatures, leaving their legal

importance somewhat unspeci*ed

4

5ene*ts of digital signatures

"hese are common reasons for applying a digital signature to communications

7uthentication

7lthough messages may often include information a!out the entity sending a

message, that information may not !e accurate. Digital signatures can !e used to

authenticate the source of messages. 8hen ownership of a digital signature secret

ey is !ound to a speci*c user, a valid signature shows that the message was sent

!y that user. "he importance of high con*dence in sender authenticity is especiallyo!vious in a *nancial context. 9or example, suppose a !an's !ranch o:ce sends

instructions to the central o:ce re;uesting a change in the !alance of an account. If

the central o:ce is not convinced that such a message is truly sent from an

authori

8/9/2019 Ditigal Signature

2/2

In many scenarios, the sender and receiver of a message may have a need for

con*dence that the message has not !een altered during transmission. 7lthough

encryption hides the contents of a message, it may !e possi!le to change an

encrypted message without understanding it. %Some encryption algorithms, nown

as nonmallea!le ones, prevent this, !ut others do not.( 3owever, if a message is

digitally signed, any change in the message will invalidate the signature.9urthermore, there is no e:cient way to modify a message and its signature to

produce a new message with a valid signature, !ecause this is still considered to !e

computationally infeasi!le !y most cryptographic hash functions %see collision

resistance(.

Draw!acs of digital signatures

7ssociation of digital signatures and trusted time stamping

Digital signature algorithms and protocols do not inherently provide certainty a!out

the date and time at which the underlying document was signed. "he signer might,

or might not, have included a time stamp with the signature, or the document itself

might have a date mentioned on it, !ut a later reader cannot