A digital
signature is derived from a mathematical technique that is used to validate the
authenticity and integrity of any kind of digital information such as message,
digital document or even a software. Being the digital equivalent of a
handwritten signature or the age-old stamped seal, a digital signature, by its
nature, provides security of a much greater magnitude.
With inherent security traits such as encryption, it offers solutions to tampering, identity theft, and data fraud in digital communications. A digital signature also contains the added assurances of evidence of where, how and by whom an electronic document or activity was created and/or managed.
With inherent security traits such as encryption, it offers solutions to tampering, identity theft, and data fraud in digital communications. A digital signature also contains the added assurances of evidence of where, how and by whom an electronic document or activity was created and/or managed.
Digital
signatures are increasingly being considered as legally binding in the same way
as traditional document signatures. Today, various countries publish electronically
versions of the budget, public and private laws, and congressional bills with
digital signatures.
Digital
signature technology works on the principle of public key cryptography. The
distinguishing technique used in public key cryptography is the use of
asymmetric key algorithms, where a key used by one party to perform encryption
is not the same as the key used by another in decryption. Each user has a pair
of cryptographic keys – a public encryption key and a private decryption key.
Therefore,
digital signatures are used by generating two keys that are mathematically
linked - one private and one public. Digital signatures work because public key
cryptography depends on two mutually authenticating cryptographic keys. The
individual who is creating the digital signature uses their own private key to
encrypt signature-related data; the only way to decrypt that data is with the
signer's public key. This is how digital signatures are authenticated.
The next
step - a digital signature certificate.
A digital
signature certificate is the electronic document that contains the digital a signature, identifying the issuing authority so as to allow the user. It binds
together a public key with an identity so as to be used to verify that a public
key belongs to a particular person or entity.