What is digital signature? Explain the procedure of verifying a digital signature.

Subject E-Commerce
NU Year Set: 2.(c) Marks: 6 Year: 2017

Digital Signature is a process that guarantees that the contents of a message have not been altered in transit.

The process of digital signing

There are typically three algorithms involved with the digital signature process:

  • Key generation – This algorithm provides a private key along with its corresponding public key.
  • Signing – This algorithm produces a signature upon receiving a private key and the message that is being signed.
  • Verification – This algorithm checks for the authenticity of the message by verifying it along with the signature and public key.

The process of digital signing requires that the signature generated by both the fixed message and private key can then be authenticated by its accompanied public key. Using these cryptographic algorithms, the user’s signature cannot be replicated without having access to their private key.

By applying asymmetric cryptography methods, the digital signature process works to prevent several common attacks where the attacker attempts to gain access through the following attack methods:

  • Key-only – Attacker has access to the public key
  • Known message – Attacker has access to valid signatures for known messages, but not those that they have chosen
  • Adaptive chosen message – Attacker gains access to signatures on various messages that they have chosen

A digital code (generated and authenticated by public key encryption) which is attached to an electronically transmitted document to verify its contents and the sender's identity.

Set signature verification preferences

  1. Open the Preferences dialog box.
    Under Categories, select Signatures.
    For Verification, click More.
    To automatically validate all signatures in a PDF when you open the document, select Verify Signatures When The Document Is Opened. This option is selected by default.
    Select verification options as needed and click OK.
    Verification Behavior

    When Verifying
    These options specify methods that determine which plug-in to choose when verifying a signature. The appropriate plug-in is often selected automatically. Contact your system administrator about specific plug-in requirements for validating signatures.

    Require Certificate Revocation Checking To Succeed Whenever Possible ...
    Checks certificates against a list of excluded certificates during validation. This option is selected by default. If you deselect this option, the revocation status for approval signatures is ignored. The revocation status is always checked for certifying signatures.

Login to post your comment.