Digital Signature and its Usage



We all know how to sign as we have to sign documents for almost everything, every written process requires signature such as if we want to open a bank account, need some certificate or take admission anywhere, we need to sign the required documents as it verifies our identity. So, what is this digital signature we are talking about? Let's see.

In case of online activities that you do on the internet, in your computer, in your phone or anywhere else, etc. how will you authenticate yourself? Verify that it is you, we cannot take a pen and sign physically through the screen that's why we need digital signatures. It basically verifies that the file you are receiving is coming from which computer, for which computer and if the information is tampered or not.

Now, you might be thinking that oh well, "I don't think I have ever used digital signatures" , but actually you already have used these digital signatures before. The most common example is the "username" and "password", only you know these information while creating your ID on any site so whenever you login into these sites, they act as digital signatures for you as when you enter information, the website verifies your identity and gives you access. Thus, we can say that a digital signature is equivalent to a handwritten signature and is an electronic verification of the sender.

Purpose of Digital Signature


Before we get into the process, it is important to know that it basically serves three purposes: -

Authentication

A digital signature gives the receiver reason to believe that the message was created and set by the claimed sender.

Non Repudiation

With digital signature ,the sender cannot deny having sent the message later on.

Integrity

A digital signature ensures that the message was not altered in transit.

How do digital signatures work?


It is also important to know certain terms and after that I'll give you an example which you can easily understand:-

Hash function

Hash function or hash algorithm creates a unique digital fingerprint of data. It is primarily used for comparison purposes, not for encryption.

Digest

The digital fingerprint of data is called digest or message digest or simply hash. Now, let us understand this with an example:- Suppose there are two people, Aarti (the sender) and Pragya (the receiver). Aarti will send a memo to Pragya with a digital signature, keep in mind that in this digital signature asymmetric key (public key algorithm) encryption is present.

First Aarti generates two keys. One is a public key and the other one is a private key. Aarti keeps the private key and gives Pragya the public key. After creating a memo Aarti generates a digest by hashing her memo using some hashing algorithm. Aarti then encrypts the digest with her private key. This encrypted digest is the digital signature for the memo. Now, Aarti sends both the memo and digital signature to Pragya (receiver).

When Pragya receives the memo ,she will do two things:-

1. Pragya will decrypt the digital signature with Aarti's public key and will get the digest. If she cannot decrypt the digital signature then she knows that it is not from Aarti because only Aarti's public key can decrypt the digest generated with her private key.

2. Once Pragya gets the digest, she checks the integrity of the memo. Here is what she will do, Pragya will hash the memo sent with the same hashing algorithm used by Aarti and if the digest matches with Aarti's then she can be confident that this memo is sent by Aarti. On the other hand, if the digest does not match then she knows that the memo has been altered in transit. Note:- It is important to know here that digital signatures do not encrypt the message itself. In this example, Aarti is sending the memo in plain text. If she wants to encrypt the memo, then she would need Pragya's public key.

Benefits of digital signatures


  • We can easily identify if a document is fake or altered.
  • Digital signatures are environmentally friendly as it saves paper and cutting down of trees.
  • It helps in quick completion of tasks as it is done through the internet and not manually.
  • It saves time.
  • It is important for e-filing.
  • Many agreements, contracts and even registrations require digital signature.


Conclusion:-



In this digital era where almost every paperwork has become digital, digital signatures play an important role. Thus, it is advised to keep your digital signatures safe and secure as the theft of these digital signatures will lead to huge loss. There are different digital signature certificate, choose your one now.