What is Digital Signature?
Digital Signature is used to ensure the authenticity and integrity of a message, software or digital signature. It is mathematical technique to authenticate the digital message or document. If the message contains valid digital signature recipient user will be assured that the message was created by a known sender, with the digital signature even the sender of message cannot deny having sent the message also the message was not altered in the transit.
The digital signature is equivalent of handwritten signature, but offering far more security. It is intended to solve the problems of tampering and impersonation. Digital signatures are used in the sectors where it is important to detect tempering or forgery like financial transactions, software industry etc. Digital signature provides the evidence of the origin, identity and status of a digital document or financial transaction.
Need of Digital Signature:
Digital signature is very important for regulatory compliance. In order to expedite business approval processes and confirms the integrity of a message digital signature is needed. Almost all public and private organizations are facing the threat of ever-changing regulatory laws. With evolving technology old methods like printing documents, shipping them and getting them signed are getting outdated. Accordingly the regulations are also changing and using technologies like audit trail, digital signature, records retention are becoming mandatory.
How It Works:
A digital signature uses the public key cryptography aka asymmetric cryptography mechanism. Digital signatures are based on the RSA (Rivest-Shamir-Adleman) public key algorithm. One can generate toe keys public and private key which are mathematically linked.
Signing software such as email program creates a one way hash of the electronic data to be signed to create digital signature. To encrypt the Hash private key is used. The other information along such as the hashing algorithm with the encrypted hash is the digital signature.
The hash function can convert arbitrary inputs into a fixed length value which is much shorter this is the reason for encrypting hash instead of entire message. Hashing is much faster than signing hence it saves time. The value of hash is unique to the hashed data so the any change in the data will result in the different value.
The value of the hash is unique to the hashed data. Any change in the data will results in a different value. The integrity of the data is validated by using the signer uses public key to decrypt the hash. If the decrypted hash doesn’t matches with the second computed hash, the data has been tampered with otherwise if the both hash matched it proves the data hasn’t changes since it was signed.
Benefits of Digital Signature
Using digital signatures over paper and ink signatures comes with many advantages.
- A digitally signed document cannot be, modified while in transit or maliciously modified
- Digitally signed document can stand up in the court of law more effectively than paper documents
- It is easy to verify, track relevant documents when they are digitally signed
- Digitally signed documents cannot be repudiated by the signer
- With digital signature an audit trail is used to ensure the confidentially of all transactions
Type of Digital Signature:
- Approval Signatures:
Approval signature is used to optimize the organizations approval procedure.
- Certified Signatures
Including certified signature in the document indicates that the document is secured against the tampering and the person whose signature is used as digital signature is the author of the respective document.
- Visible Digital Signatures
Visible digital signature allows single or multiple users to digitally sign the document.
- Invisible Digital Signatures
Invisible digital signatures are used when sender user don’t want show the signature to recipient user. The documents with invisible signature carry visual indication of blue ribbon in the task bar which indicated the authenticity of the document.