What is Digital Signature ?

Posted by SHAILENDRA AGARWAL on 11:26 with No comments
A electronic signature (digital signature) is a mathematical scheme to demonstrate the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, so that the sender can not deny having sent the message (authentication and non-repudiation) and that the message has not been altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement electronic signatures, a broad term that refers to electronic data that carries the intent of a firm, but not all electronic signatures use digital signatures. In some countries, including the United States, India, Brazil, and members of the European Union, electronic signatures have legal value.

Digital signatures use a type of asymmetric cryptography. For messages sent through an insecure channel, properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes in the sense used here are cryptographically based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, which means that the signer can not successfully claim that did not sign a message, while also claiming their private key remains secret; In addition, some non-repudiation systems offer a time stamp for the digital signature, so even if the private key is exposed, the signature is valid. Digitally signed messages may be anything representable as a bitstring: examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.

A digital signature scheme typically consists of three algorithms:

  1. A generation algorithm that selects a private key uniformly at random from a set of possible private keys key way. The algorithm outputs the private key and a corresponding public key.
  2. A signing algorithm that, given a message and a private key, produces a signature.
  3. A signature verification algorithm that, given a message, public key and a signature, either accepts or rejects the claim that the message for authenticity.
Two main properties are required. First, the authenticity of a signature generated from a fixed message and fixed private key can be verified using the corresponding public key. Secondly, it must be computationally infeasible to generate a valid signature for a game without knowing the private key of that party.

The applications of digital signature

As organizations move away from paper documents with ink signatures or seals of authenticity, digital signatures can provide additional guarantees of evidence for the origin, identity and status of an electronic document, as well as recognition of consent informed and approval by a signatory. The Government Printing Office of the United States (GPO) publishes electronic versions of the budget, public and private laws, and bills with digital signature. Universities including Penn State, the University of Chicago and Stanford publish electronic student transcripts with digital signatures.

Below are some common reasons for applying a digital signature to communications:
Authentication-Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. When ownership of a digital signature secret key is bound to a specific user, a valid signature shows that the message was sent by that user.

Integrity-In many cases, the sender and recipient of a message may have a need for confidence that the message has not been altered during transmission. Although encryption hides the contents of a message, it may be possible to change an encrypted message without understanding it.

No-repudiation Non-repudiation, or more specifically the non-repudiation of origin is an important aspect of the digital signature. For this property, an entity that has entered some information can not deny at a later time signing. Similarly, access to the public key not only allow the fraudulent party to fake a valid signature.

Apply online digital signature certificates Class 2, digital signature certificate Class 3, and digital signature certificate DGFT in India by Digital Signature Provider in India.