Introduction
In physical world, we use signatures to verify the documents or information. But, due to creation of trustless systems and decentralized P-2-P network, blockchain has become one of demanded and advanced technology in the field of cyber security, financial services, health sector and supply chain management.
Here, digital signature comes into play, which is a cryptographic mechanism, and also used to verify authenticity and integrity of digital data. In layman terms, it can be considered as a digital version of the ordinary handwritten signature, but with higher levels of complexity and security. It can also be understood as a code that is attached to a message or document. After generating, the code acts as a proof that the message has not been tampered with along its way from sender to receiver.
What is digital signature?
Digital Signature is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital Signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged.
Components of Digital Signature
There are two main components of digital signature
- Hashing: Hashing is one of the core components of digital signature. Hashing is done by hash functions; hash functions are those functions which convert any size of input message into a definite or fixed size output. These functions are special algorithms such as SHA-256.
- Cryptography: Cryptography is another type of component, which is used in encryption and decryption methods. There are two types of Cryptography:
- Symmetric Key Cryptography: An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The most popular symmetric–key system is the Data Encryption Standard (DES).
- Asymmetric Key Cryptography: Asymmetric key cryptography is also known as in Public Key Cryptography. It can be defined as the encryption process where different keys are used for encrypting and decrypting the information. Keys are different but are mathematically related, such that retrieving the plain text by decrypting ciphertext is feasible. Digital Signature uses the asymmetric key cryptography.
Digital Signature Working Process
Digital Signature working process can be understood within
- Sender writes a message
Sender writes a message, which he has to send to the receiver
- Data to Hash Value
Sender feeds the data into hashing algorithm and get a hashed value, where the hashing algorithm always gives same number of digits or words
- hash value to digital signature
Hash value generated by via hash function, is encrypted using sender’s private key, and the outcome becomes a digital signature.
- Send to receiver or verifier
Digital signature (encrypted and hashed data, where encryption is done via private key and hashed value is generated via hashing algorithm or function) and data (or message) send to the receiver or verifier.
Verification Process
- Digital signature to hash value
After getting digital signature from the sender, receiver or verifier pass digital signature do decryption using sender’s public key, and gets hash value from the digital signature
- Data to hash value
With digital signature, receiver also gets data or message. Then to verify data, receiver converts data or message via feeding it into hashing algorithm and gets hash value.
- Matching both values
Receiver verifies both of the hash values. And eventually, he gets that both of them are same or not.
Benefits of Digital Signature
- Authentication: Digital signature can be used within source authentication of a message, when ownership of digital signature secret key is bound to a specific user, in which a valid signature shows that the message is sent by that specific user. It is a great method which is used in blockchain used applications.
- Integrity:
- Confidence: Within the whole process, sender and receiver both have a need for confidence that the message should not be altered during transmission.
- Encryption concern: Although, encryption hides the message but it may be possible to change an encrypted message without understanding it.
- Modification within message: There is no efficient way to modify a message and its signature to produce a new message with a valid signature. Because this is still considered to be computationally infeasible by most cryptographic hash functions.
Powered by Froala Editor
