Intro to Digital Signatures

The process & validity behind Digital Signature technology

Public Key Infrastructure – PKI

A cryptographic system that uses two keys, a public key known to everyone and a private key, the private key has full control to the key owner, and has to keep in secured environment. A unique element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key.

When David wants to send a secure message to Donna, he uses Donna's public key to encrypt the message. Donna then uses her private key to decrypt it.

Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption).


Digital Signatures Process

Using David and Donna, we can demonstrate how digital signatures are work.

From David’s point of view, the signing process operation is simple. But few steps are happening while signing process is started. :

Generating a Private and Public Key

For digitally sign documents, David needs to obtain a Private and Public Key – a one-time process , it’s done by Secured Signing Service while user registered. The Private Key isn’t shared and is used only by David sign documents. The Public Key is available for all, used for validate the signatory’s digital signature.

Certificate Authority icon
Certificate Authority
Public & Private keys icon
Private & Public keys
Certificate
Certificate

arrow icon

user icon
User

Digitally Signing Document

Create a digital signature

A unique document’s hash that represent the document is created using a math scheme (like as SHA-1).

Added the signature to the document

The hash result and the user’s digital certificate that includes user’s Public Key are mixed into a digital signature; it’s done by using the user’s Private Key to encrypt the document hash. The resulting signature is unique to both the document and the user. Finally, the digital signature is embedded to the document.

David sends the signed document to Donna. Donna uses David’s public key (which is included in the signature within the Digital Certificate) to authenticate David’s signature and to ensure the document didn’t alter after it was signed.

Donna:

  1. Document validation process starts
  2. Decrypts David’s digital signature with his Public Key and gets sent document
  3. Compares David’s document hash with Donna calculated Has –Donna calculates the document hash of the received document and compares it with the hash document in the digital signature. If both hashes are same, the signed document has not been altered.

Signing the document:

Digital Signature workflow

Verify signed document:

Digital Signature verification workflow

Certificate Authority (CA)

CA issued certificates to ensure the authenticity of the signatories. Certificates are similar to ID Document. When you want to identify a user in the system you check his certificate. This certificate issued in registration process once all require information filled in. In PKI world the CA uses the CA’s certificate for authenticating user’s identity.