Definition of Digital Signature in the Network Encyclopedia.
What is a Digital Signature?
A digital signature is an electronic signature that you can use to sign a document transmitted by electronic means such as e-mail. Digital signatures validate the identity of the sender and ensure that the document they are attached to has not been altered by unauthorized parties during transmission.
How does it work?
Digital signatures are based on public-key cryptography systems. In order for digital signatures to work, the sender must have both a digital certificate and a key pair issued by a certificate authority (CA) such as VeriSign, Inc.
A digital signature for a particular document is created using a mathematical hash of the document, which is then encrypted using the sender’s private key. The resulting signature is attached to the document and transmitted.
The receiver computes the same hash on the received document and uses the sender’s public key to decrypt the signature, which recovers the hash the sender computed. If the two hashes match, it means that the message has been transmitted without corruption by the identified sender. Note that the particular content of a digital signature depends on the document being transmitted; it is different for each document sent.
So, a digital signature serves three purposes:
- Authentication – a digital signature gives the receiver reason to believe the message was created and sent by the claimed sender.
- Non-repudiation – with a digital signature, the sender can’t deny having sent the message.
- Integrity – a digital signature ensures that the message was not altered in transit.
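The sign-and-verify flow described above, as an added example that is not part of the original article: textbook RSA applied to a SHA-256 hash, using only the Python standard library. The key is a constructed toy key built from two public Mersenne primes and no padding is applied, so it shows the mechanism only; deployed systems use a randomly generated key and a padded scheme such as RSA-PSS.

```python
import hashlib

# Constructed toy key (assumption for illustration): two well-known Mersenne
# primes. The modulus is trivially factorable; it only makes the example run
# offline without third-party libraries.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


def digest_int(document: bytes) -> int:
    """Hash the document; the 256-bit digest is always smaller than N."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, d: int = D, n: int = N) -> int:
    """Sender: hash the document, then apply the private key to the hash."""
    return pow(digest_int(document), d, n)


def verify(document: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Receiver: recover the signed hash with the public key and compare it
    with a hash computed independently over the received document."""
    if not 0 <= signature < n:
        return False                 # reject out-of-range values outright
    recovered = pow(signature, e, n)
    return recovered == digest_int(document)


if __name__ == "__main__":
    original = b"Pay Bob 100 EUR"    # constructed sample messages
    tampered = b"Pay Bob 900 EUR"
    sig = sign(original)
    print("original verifies:", verify(original, sig))
    print("tampered verifies:", verify(tampered, sig))
    print("signature differs per document:", sign(tampered) != sig)
```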
History of Digital Signatures
Ronald Rivest, Adi Shamir, and Len Adleman invented the RSA algorithm, which could be used to create digital signatures. Lotus Notes 1.0, released in 1989, was the first software package to offer a digital signature, which used the RSA algorithm.
In 1988, Shafi Goldwasser, Silvio Micali, and Ronald Rivest became the first to rigorously define the security requirements of digital signature schemes. They described a hierarchy of attack models for signature schemes and presented the GMR signature scheme, the first that could be proved to prevent even an existential forgery against a chosen-message attack, which is the currently accepted security definition for signature schemes. The first such scheme built not on trapdoor functions but on a family of functions with a much weaker required property, one-way permutation, was presented by Moni Naor and Moti Yung.