What is digital signature? Explain the procedure of verifying a digital signature.
|NU Year||Set: 2.(c) Marks: 6 Year: 2017|
Digital Signature is a process that guarantees that the contents of a message have not been altered in transit.
The process of digital signing
There are typically three algorithms involved with the digital signature process:
- Key generation – This algorithm provides a private key along with its corresponding public key.
- Signing – This algorithm produces a signature upon receiving a private key and the message that is being signed.
- Verification – This algorithm checks for the authenticity of the message by verifying it along with the signature and public key.
The process of digital signing requires that the signature generated by both the fixed message and private key can then be authenticated by its accompanied public key. Using these cryptographic algorithms, the user’s signature cannot be replicated without having access to their private key.
By applying asymmetric cryptography methods, the digital signature process works to prevent several common attacks where the attacker attempts to gain access through the following attack methods:
- Key-only – Attacker has access to the public key
- Known message – Attacker has access to valid signatures for known messages, but not those that they have chosen
- Adaptive chosen message – Attacker gains access to signatures on various messages that they have chosen