What is a digital signature?

A digital signature is a series of bytes accompanying a message that provide a means of checking the integrity of the message. Digital signatures also provide a means for verifying the identity of the person who signed the message.

To understand digital signatures, you must have a basic understanding of asymmetric encryption and one-way hashes.


Asymmetric Encryption

Asymmetric encryption offers a means of encrypting and decrypting information by using a pair of keys (as opposed to symmetric encryption which only uses one key). In asymmetric encryption, a message encrypted with one key in the pair can only be decrypted by the other key in the pair.

For example, let's create a pair of keys (called a keypair) and name the keys A and B. Any message encrypted with key A can only be decrypted by key B (not even key A can be used to decrypt the message). Likewise, any message encrypted with key B can only be decrypted by someone with key A. Either key can be used to encrypt a message, but to decrypt you need the other key in the pair.

In practice, the keys in a keypair are named the private key and the public key. A public key may be freely distributed, but the private key must be closely guarded by the owner.

Asymmetric encryption can provide confidentiality or signer verification, but not both at the same time. To demonstrate this, we will use fictional characters Alice and Bob.

Alice encrypts a message with her private key and sends it to Bob. Anyone with Alice's public key can decrypt and read the message (her public key is widely distributed). Since anyone can read the message, it is not confidential. However, since Bob can decrypt the message with Alice's public key, he knows it must have been encrypted with Alice's private key. Since Alice is the only one with the private key, Bob can be assured Alice is the originator of the message. Encrypting a message with a private key provides signer verification, but not confidentiality.

Bob encrypts a response using Alice's public key and sends it to Alice. Only Alice can read Bob's message, because only the private key can be used to decrypt the message (and Alice is the only one with the private key). Since the message that Bob encrypted can only be read by Alice, it is a confidential message. However, anyone can encrypt a message to Alice (using her public key) and claim to be Bob. Encrypting a message with a public key provides confidentiality, but not signer verification.


One-Way Hash

A one-way hash algorithm creates a non-reversable representation of a message. The result of a one-way hash, called a digest, cannot be restored to the original message.

Digests are reproducable. Hashing a message will produce the same digest every time (assuming you use the same hashing algorithm every time). If the message ever changes (even one character in the message), a completely different digest will result.

Here are two similar messages and their digests (using the SHA-1 hasing algorithm):

Message Digest
Tek-Tips Forums 7ad0d32eeef32b90ece56883ca10292562986b75
Tek-Tips forums 1fcb66136ff6680f4c4851c6db88f0cb91847582

By changing the capitalization of one letter in the message, the resulting digest changed dramatically. This characteristic is important for digital signatures.


Digital Signatures

Now that the basics of assymetric encryption and one-way hashes are understood, digital signatures can be described. Basically, a digital signature is a digest that is encrypted with a private key. Here's how it works:

Alice writes a message for Bob. Before sending the message, Alice creates a digest of the message and encrypts the digest (and only the digest) with her private key. Alice sends the plain-text message and encrypted digest (the signature) to Bob.

Bob decrypts the signature with Alice's public key. He then creates his own digest of the message and compares it to the digest Alice sent as her signature. If the digests match, Bob knows Alice's message has not been tampered with (if the message had been altered, Bob's digest would look different than the encrypted digest sent by Alice). Also, the fact that Bob was able to decrypt the signature with Alice's public key means Alice must have signed it (she is the only one with her private key, which means only she could have signed it). In fact, Alice cannot deny having sent the message unless she claims her private key has been stolen (in which case new keys must be issued).

When done properly, digital signatures provide a means to check the integrity of a message, and to verify the signer of the message. Although digital signatures do not provide confidentiality, they are an important tool in data security.