A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.
Why use certificate signatures?
Many business transactions, including financial, legal, and other regulated transactions, require high assurance when signing documents. When documents are distributed electronically, it is important that recipients can: * Verify document authenticity – confirming the identity of each person who signed the document * Verify document integrity – confirming that the document has not been altered in transit Certificate-based signatures provide both of these security services. Many businesses and governments have chosen to set up a certificate-based digital signature infrastructure within their organization – using third party certificate authorities to provide independent identity validation. Examples include: * Pharmaceutical companies who need to use signatures that comply with the SAFE (Signatures & Authentication For Everyone) BioPharma industry standard * Companies in the European Union who need to comply with the ETSI PAdES standard (PDF Advanced Electronic Signatures) Other reasons why more and more organizations choose to use this type of digital signatures include: 1. Saving money. The electronic signing method eliminates the cost of paper, printing, and courier services. 2. Document integrity. Organizations that publish/release any kind of PDF material on the internet can now be assured that the PDF documents will not be modified in any way to alter the organization’s brand or credibility. 3. Work efficiency. Handling a document electronically (clicking a button or entering a password) is way faster than circulating it through interoffice mail or courier.
A digital signature scheme typically consists of three algorithms:
* A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
* A signing algorithm that, given a message and a private key, produces a signature.
* A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.
Two main properties are required:
1. a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key.
2. it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.
HOW DIGITAL SIGNATURE WORKS:
There are two processes in digital signatures:
1. signing process - In this process, data is converted into hash by using hash function then this hash is encrypted by using signer's private key and then this is attached to the data and send.
2.verification - In this process, digital signature are verified. First, digitally signed data is split into data and signature. then data is converted into hash and simultaneously signature is decrypted using signer's public key. if both hash are same then the digital signatures are verified.
Below are some common reasons for applying a digital signature to communications:
Digital signatures can be used to authenticate the source of messages.
When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user.
The importance of high confidence in sender authenticity is especially obvious in a financial context. For example, suppose a bank's branch office sends instructions to the central office requesting a change in the balance of an account. If the central office is not convinced that such a message is truly sent from an...