Intro to Digital Signatures
The process & validity behind Digital Signature technology
Public Key Infrastructure – PKI
A cryptographic system that uses two keys,
a public key known to everyone and a private key, the private key
has full control to the key owner, and has to keep in secured environment. A unique element to the public key
system is that the public and private keys are related in such a way that only the public key can be used to
encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually
impossible to deduce the private key if you know the public key.
When David wants to send a secure message to Donna, he uses Donna's public key to encrypt the message. Donna then
uses her private key to decrypt it.
Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. It is also called asymmetric
encryption because it uses two keys instead of one key (symmetric encryption).
Digital Signatures Process
Using David and Donna, we can demonstrate how digital signatures are work.
From David’s point of view, the signing process operation is simple. But few steps are happening while signing process is started. :
Generating a Private and Public Key
For digitally sign documents, David needs to obtain a Private and Public Key – a one-time process , it’s done by
Secured Signing Service while user registered. The Private Key isn’t shared and is used only by David sign documents.
The Public Key is available for all, used for validate the signatory’s digital signature.
Private & Public keys
Digitally Signing Document
Create a digital signature
A unique document’s hash that represent the document is created using a math scheme (like as SHA-1).
Added the signature to the document
The hash result and the user’s digital certificate that includes user’s Public Key are mixed into a digital signature;
it’s done by using the user’s Private Key to encrypt the document hash. The resulting signature is unique to both the
document and the user. Finally, the digital signature is embedded to the document.
David sends the signed document to Donna. Donna uses David’s public key (which is included in the signature within
the Digital Certificate) to authenticate David’s signature and to ensure the document didn’t alter after it was signed.
- Document validation process starts
- Decrypts David’s digital signature with his Public Key and gets sent document
- Compares David’s document hash with Donna calculated Has –Donna calculates the document hash of the received document and compares it with the hash document in the digital signature. If both hashes are same, the signed document has not been altered.
Signing the document:
Verify signed document:
Certificate Authority (CA)
CA issued certificates to ensure the authenticity of the signatories. Certificates are similar to ID Document. When you
want to identify a user in the system you check his certificate. This certificate issued in registration process once all
require information filled in. In PKI world the CA uses the CA’s certificate for authenticating user’s identity.