Digital Signatures
This work is licensed with a Creative Commons Attribution 4.0 International License.
[Figure labels: Encryption; Bob’s Public Key]
The objective of a digital signature is to authenticate and verify documents and data, guarding against tampering, digital modification, or forgery during transmission. A digital signature uses the public key cryptography architecture. Typically, an asymmetric key system encrypts using a public key and decrypts with the private key. For digital signatures, however, the reverse is true. The sender encrypts the signature using a private key and the receiver decrypts with the corresponding public key. Because the keys are linked, decrypting with the public key verifies that the proper private key signed the document, thereby verifying the signature’s provenance.
[Figure labels: Contract; Signed Contract; Decryption; Bob’s Private Key]
Bob has a public and a private key. The public key is typically stored on a public key infrastructure server. A public key can be given to anyone, like Alice, whom Bob needs to communicate with. Bob stores his private key locally on his system.
In addition to asymmetric encryption, digital signatures use a cryptographic hash. A hash function generates a fixed-size string of bytes from the document. Hashing algorithms include SHA-1 (a 160-bit hash value), SHA-256 and SHA-3 (a 256-bit hash value). MD5 produces a 128-bit hash value, but it is now considered insecure due to vulnerabilities.
How Does a Digital Signature Work?
Bob needs to send Alice several documents. Since the documents are not confidential, Bob does not need to encrypt them, but Alice will need to verify that these documents came from Bob, and that they were not modified during transit.
Step 1: The documents are passed to a hash function to create a hash digest.
Step 2: The hash digest gets encrypted with Bob’s private key.
Step 3: Alice receives the reports and the encrypted hash. She can decrypt the hash with Bob’s public key, available from the PKI server.
Step 4: Alice will pass the reports through the same hash algorithm to generate a hash digest. If the hashes match, it verifies data integrity.
Since the hashes match, Alice knows that Bob used his private key to encrypt the hash to secure the signature.
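Steps 1 to 4 above, as an added example that is not part of the original page: textbook RSA over a SHA-256 digest, showing that a genuine document verifies while a modified document or a signature made with someone else's private key does not. The function names, the sample documents, the second signer (Mallory) and the demo keys built from publicly known Mersenne primes are assumptions made for illustration; unpadded RSA with known primes is not secure, and real systems use a padded scheme such as RSA-PSS from a vetted library.

```python
import hashlib

def make_key(p, q, e=65537):
    """Build an RSA key pair (public, private) from two primes."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent (Python 3.8+)
    return (n, e), (n, d)

# Constructed demo keys built from publicly known Mersenne primes: NOT secure.
BOB_PUBLIC, BOB_PRIVATE = make_key(2**127 - 1, 2**521 - 1)
MALLORY_PUBLIC, MALLORY_PRIVATE = make_key(2**89 - 1, 2**607 - 1)

def digest_int(document: bytes) -> int:
    """Steps 1 and 4: SHA-256 digest of the document, as an integer."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document: bytes, private_key) -> int:
    """Step 2: transform the digest with the signer's private key."""
    n, d = private_key
    return pow(digest_int(document), d, n)

def verify(document: bytes, signature: int, public_key) -> bool:
    """Steps 3 and 4: recover the digest with the public key and compare."""
    n, e = public_key
    if not 0 <= signature < n:          # out-of-range values are never valid
        return False
    return pow(signature, e, n) == digest_int(document)

def demo():
    """Return (genuine, tampered, wrong_key) verification results."""
    contract = b"Pay Alice 100"          # constructed sample document
    sig = sign(contract, BOB_PRIVATE)
    genuine = verify(contract, sig, BOB_PUBLIC)
    tampered = verify(b"Pay Alice 900", sig, BOB_PUBLIC)
    wrong_key = verify(contract, sign(contract, MALLORY_PRIVATE), BOB_PUBLIC)
    return genuine, tampered, wrong_key

if __name__ == "__main__":
    print(demo())
```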
Digital signatures and electronic signatures are both methods used to authenticate and verify the integrity of digital documents, but they serve different purposes and are based on different technologies. An electronic signature is a broader term that refers to any electronic process that indicates acceptance of an agreement or a record. It can be as simple as a typed name, a clicked checkbox, or a handwritten signature on a touchscreen.

Purpose
Digital Signature: Authenticity, integrity, non-repudiation
Electronic Signature: Show intent or agreement

Technology
Digital Signature: Cryptographic algorithms, key pairs
Electronic Signature: Touchscreens, click-to-sign, biometrics

Legal Recognition
Digital Signature: High legal recognition
Electronic Signature: Varies by method and evidence

Security
Digital Signature: High security, encryption
Electronic Signature: Varies by method

Use Cases
Digital Signature: Official documents, contracts
Electronic Signature: Business documents, online agreements