Role of digital signatures in asymmetric cryptography
Encryption and decryption
Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data from unauthorized users. Decryption is the process of converting encrypted data to plaintext. Basically, it is the reverse of encryption. It is used to decrypt the encrypted data so that only an authorized user can access and read the data.
The process entailing encryption and decryption together is called cryptography.
Private and public keys in cryptography
A key is a bit valued string that is used to convert the plaintext into cipher text and vice-versa. A key can be a word, number or phrase. Cryptography makes use of public and private keys. A public key is issued publicly by the organization and it is used by the end user to encrypt the data.
The encrypted data, once received by the organization, is decrypted by using a private key and the data is converted to plaintext.
Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. If the sender and the recipient of the data use the same key to encrypt and decrypt the data, it’s called symmetric encryption and if the keys are different for encryption and decryption then it’s asymmetric encryption.
Now the basics are clear, let’s focus on what a digital signature is and how it makes use of asymmetric cryptography for authentication and verification of software, messages, documents and more.
A digital signature is a mathematical technique for authentication and verification of software, messages, documents and other things. It also provides message authentication, data integrity and non-repudiation — that is, it prevents the sender from claiming that he or she did not actually send the information.
This technique ties a person to digital data, which can be verified by the receiver or by any third party independently. The digital signature is calculated by the data and a secret key known to the signer only.
For creating a digital signature, the user first creates a one-way hash of the message/document to be signed and this representation of the message in the form of a hash is called message digest. Now, the user uses his private key for encrypting the hash. The encrypted hash and other information like hashing algorithm used is the digital signature.
Steps to create digital signatures
These are the steps one should follow to create digital signatures:
- As described above, a message digest needs to be computed first. A message digest is computed by applying a hash function on the message/document to be sent. Popular hashing algorithms used for generating message digest are Secure Hash Algorithm-1 (SHA-1), Secure Hashing Algorithm-2 family (SHA-2, SHA-256) and Message Digest 5 (MD5).
- This message digest is encrypted using the private key of the sender for creating a digital signature.
- This digital signature is then transmitted with the original message to the receiver.
- When the recipient receives the message, they decrypt the digital signature using the public key of the sender.
- After decrypting the digital signature, the receiver now retrieves the message digest.
- Also, the receiver can easily tally the message digest from the received message.
- The message digest tallied by the receiver and the message digest received must be the same for ensuring message authentication, data integrity and non-repudiation.
Digital signature applications
The following are the widely used applications of digital signatures:
- Send/receive encrypted emails which are digitally signed and secured
- Carrying out safe and secure online transactions
- Identifying participants in an online transaction
- Applying for tenders, e-filing of income tax returns, registrar of companies and other suitable applications
- Sign and validate Word, PDF and Excel document formats
The value of encryption
Encryption is a valuable way to keep data safe and secure — and is a fundamental aspect of cybersecurity.
Digital signatures and certificates, GeeksforGeeks
Cryptography digital signatures, Tutorialspoint