A digital signature is a cryptographic technique used to validate the authenticity and integrity of a digital message or document. It serves a similar purpose to a handwritten signature or a stamped seal but uses secure encryption technology.
Authentication – Confirms the identity of the sender.
Integrity – Ensures the message or document has not been altered after signing.
Non-repudiation – Prevents the signer from denying the act of signing.
Key Pair Generation:
Each user creates a public key and a private key using a public key infrastructure (PKI).
Signing:
The sender creates a hash (a fixed-size digest) of the message.
The hash is encrypted with the sender’s private key to generate the digital signature.
Verification:
The recipient decrypts the signature using the sender’s public key.
The decrypted hash is compared with a freshly generated hash of the received message.
If they match, the signature is valid.
Email encryption and verification
Software distribution (verifying code integrity)
E-commerce and online contracts
Secure document management (e.g., PDF signing)
