What is a Digital Signature?
With the invention of Public Key Cryptography, another process known
as a digital signature is possible. A digital signature is much like a
hand signature in that it provides proof that you are the originator
of the message (Authentication). If you want to sign the message which
you sent to an addressee, you pass the message through a mathematical
function (known as a hash function) which provides a summary (hash
code) of the message. This summary is unique for every message and is
much like a fingerprint. You then encrypt this hash code with your
Private Key and attach the code to the end of your message. This
attached code is known as a digital signature. The addressee can then
verify that the message was sent by you by decrypting the digital
signature, using your public key, to get the hash code. The addressee
then passes the received message through the same hash function. If
the two hash codes are the same, then the message was sent from you
(Non-repudiation) and was not altered (Integrity). All this sounds
complicated but, in practice, selecting an icon on your computer
screen is all that it takes to make it happen.
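
The hash, sign, and verify steps described above, as an added example that is not part of the original page. It assumes SHA-256 as the hash function and textbook RSA without padding (the page names no algorithm), and uses a constructed toy key that shows the arithmetic only; real signatures come from a vetted library with a padding scheme such as RSA-PSS.

```python
import hashlib

# Constructed toy key built from two well-known Mersenne primes. It is large
# enough to hold a SHA-256 hash code but is not a usable real-world key.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                          # public modulus
E = 65537                          # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def hash_code(message: bytes) -> int:
    """The 'summary' of the message: its SHA-256 digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Sender: transform the hash code with the private key."""
    return pow(hash_code(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Addressee: recover the hash code with the public key and compare it
    with a hash computed over the message that actually arrived."""
    return pow(signature, e, n) == hash_code(message)


def demo() -> dict:
    msg = b"Pay Bob 100 dollars"   # constructed sample message
    sig = sign(msg)
    return {
        "genuine": verify(msg, sig),                             # True
        "altered_message": verify(b"Pay Bob 900 dollars", sig),  # False
        "altered_signature": verify(msg, sig ^ 1),               # False
    }


if __name__ == "__main__":
    print(demo())
```

Only the unmodified message with its original signature verifies; changing one character of the message or one bit of the signature makes the two hash codes differ.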