Digital signature
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature gives a recipient reason to believe that the message was created by a known sender (authentication), that the sender cannot deny having sent the message (non-repudiation), and that the message was not altered in transit (integrity).
Definition
A digital signature scheme typically consists of three algorithms:
- A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
- A signing algorithm that, given a message and a private key, produces a signature.
- A signature verifying algorithm that, given the message, public key and signature, either accepts or rejects the message's claim to authenticity.
Why Digital Signature?
A digital signature added to a document shows the sender’s identity. It can also provide non-repudiation: the sender cannot deny sending the document, because only the sender has that digital signature. Digital signatures are created through multiple steps, and we need to understand all of them before a digital signature can be generated.
Demonstration of digital signatures using CrypTool
Digital Signature Creation
- First we need to generate a hash value of the document. To generate it, we need to select a hashing algorithm. We’ll use the MD5 algorithm.
- Next, generate a key pair. We’ll generate RSA keys. For RSA key generation, two large prime numbers and a mathematical function are required.
- After successfully generating keys, encrypt the hash value generated earlier.
- We need to create a certificate associated with the RSA key. Provide the following details and click on “create certificate.” It’ll be used for communication between the sender and recipient.
- Click on “generate signature” to create a digital signature.
- Click on “store signature.”
Signing with Digital Signature
- Select the document to apply the signature to. We’ll select our Infosec document.
- Click on “Digital Signature” > Sign.
- Select the digital signature we just created.
- Enter the PIN code from the signature creation process, and click on “sign.”
Verifying the Digital signature
- Click on “Digital Signatures” > Verify signature.
- Select the digital signature created above.
- This message confirms a correct signature.
The difference between HMAC and Digital Signatures
The difference is the type of key being employed. In HMAC, the key that is used is symmetric, whereas digital signatures use an asymmetric key.
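The creation, signing and verification steps above, together with the HMAC comparison, as an added Python example (not from the original page or from CrypTool). It uses SHA-256 instead of the walkthrough's MD5, because practical MD5 collisions let two different documents share one signature. Assumptions: the function names are hypothetical, and the RSA key is a constructed, unpadded toy key built from two fixed Mersenne primes.

```python
import hashlib
import hmac

# Constructed toy RSA key from two fixed Mersenne primes so the example runs
# offline. Real keys use random primes and a padded scheme such as RSA-PSS.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                 # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent

def digest_int(message: bytes) -> int:
    """Step 1: hash the document (SHA-256 here, not the walkthrough's MD5)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Steps 2-3: transform the hash with the private key."""
    return pow(digest_int(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verification recomputes the hash and needs only the public key."""
    return pow(signature, e, n) == digest_int(message)

def mac(message: bytes, key: bytes) -> bytes:
    """HMAC: one symmetric key both creates and checks the tag."""
    return hmac.new(key, message, hashlib.sha256).digest()

def mac_verify(message: bytes, tag: bytes, key: bytes) -> bool:
    return hmac.compare_digest(mac(message, key), tag)

def demo() -> dict:
    doc, altered = b"Infosec document v1", b"Infosec document v2"  # constructed
    sig = sign(doc)
    shared_key = b"constructed-shared-key"
    # The HMAC verifier holds the same key, so it can tag any message itself;
    # a valid tag therefore cannot prove which party produced it.
    verifier_made_tag = mac(altered, shared_key)
    return {
        "signature_valid": verify(doc, sig),
        "signature_on_altered_doc": verify(altered, sig),
        "mac_valid": mac_verify(doc, mac(doc, shared_key), shared_key),
        "verifier_made_tag_valid": mac_verify(altered, verifier_made_tag, shared_key),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The signature verifier only ever handles `(N, E)`, so a valid signature points to the holder of `D`; the HMAC verifier can mint valid tags itself, which is why HMAC gives integrity and authentication between the two key holders but not non-repudiation.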