What is a digital signature?

A digital signature is a mathematical function that can demonstrate that a digital message or file is authentic or from a particular person.

For example:

  1. Alice selects the file to be digitally signed or clicks on ‘sign’ in her email application
  2. The hash value of the file content or the message is calculated by Alice’s computer
  3. This hash value is encrypted with Alice’s Signing Key (which is a Private Key) to create the Digital Signature.
  4. Now, the original file or email message along with its Digital Signature are sent to Bob.
  5. After Bob receives the signed message, the associated application (such as email application) identifies that the message has been signed. Bob’s computer then proceeds to:
    • Decrypt the Digital Signature using Alice’s Public Key
    • Calculate the hash of the original message
    • Compare the (a) hash it has computed from the received message with the (b) decrypted hash received with Alice’s message.
  6. Any difference in the hash values would reveal tampering of the message

Digital signatures are very handy for sending encrypted messages that prove a person’s ownership of a message or identity.