We all know how to sign as we have to sign documents for almost everything, every written process requires signature such as if we want to open a bank account, need some certificate or take admission anywhere, we need to sign the required documents as it verifies our identity. So,
what is this digital signature we are talking about? Let's see.
In case of online activities that you do on the internet, in your computer, in your phone or
anywhere else, etc. how will you authenticate yourself? Verify that it is you, we cannot take a
pen and sign physically through the screen that's why we need digital signatures. It basically verifies that the file you are receiving is coming from which computer, for which computer and if
the information is tampered or not.
Now, you might be thinking that oh well, "I don't think I have ever used digital signatures" , but
actually you already have used these digital signatures before. The most common example is
the "username" and "password", only you know these information while creating your ID on any
site so whenever you login into these sites, they act as digital signatures for you as when you
enter information, the website verifies your identity and gives you access. Thus, we can say that
a digital signature is equivalent to a handwritten signature and is an electronic verification of the
Purpose of Digital Signature
Before we get into the process, it is important to know that it basically serves three purposes: -
A digital signature gives the receiver reason to believe that the message was created and set by
the claimed sender.
With digital signature ,the sender cannot deny having sent the message later on.
A digital signature ensures that the message was not altered in transit.
How do digital signatures work?
It is also important to know certain terms and after that I'll give you an example which you can
Hash function or hash algorithm creates a unique digital fingerprint of data. It is primarily used
for comparison purposes, not for encryption.
The digital fingerprint of data is called digest or message digest or simply hash.
Now, let us understand this with an example:-
Suppose there are two people,
Aarti (the sender) and Pragya (the receiver). Aarti will send a memo to Pragya with a digital
signature, keep in mind that in this digital signature asymmetric key (public key algorithm)
encryption is present.
First Aarti generates two keys. One is a public key and the other one is a private key.
Aarti keeps the private key and gives Pragya the public key. After creating a memo Aarti
generates a digest by hashing her memo using some hashing algorithm. Aarti then encrypts the
digest with her private key. This encrypted digest is the digital signature for the memo. Now,
Aarti sends both the memo and digital signature to Pragya (receiver).
When Pragya receives the memo ,she will do two things:-
1. Pragya will decrypt the digital signature with Aarti's public key and will get the digest. If she
cannot decrypt the digital signature then she knows that it is not from Aarti because only Aarti's
public key can decrypt the digest generated with her private key.
2. Once Pragya gets the digest, she checks the integrity of the memo. Here is what she will do,
Pragya will hash the memo sent with the same hashing algorithm used by Aarti and if the digest
matches with Aarti's then she can be confident that this memo is sent by Aarti. On the other
hand, if the digest does not match then she knows that the memo has been altered in transit.
Note:- It is important to know here that digital signatures do not encrypt the message itself. In
this example, Aarti is sending the memo in plain text. If she wants to encrypt the memo, then
she would need Pragya's public key.
Benefits of digital signatures
We can easily identify if a document is fake or altered.
Digital signatures are environmentally friendly as it saves paper and cutting down of trees.
It helps in quick completion of tasks as it is done through the internet and not manually.
It saves time.
It is important for e-filing.
Many agreements, contracts and even registrations require digital signature.
In this digital era where almost every paperwork has become digital, digital signatures play an
important role. Thus, it is advised to keep your digital signatures safe and secure as the theft of
these digital signatures will lead to huge loss. There are different digital signature certificate, choose your one now.
This website is a property of a consultancy firm, providing consultancy services.
We expressively declare that we are private consultants. We have no relation or we do not represent any government official or any government department.
Site best viewed at 1024 x 768 resolution in Internet Explorer 10+, Google Chrome 49+, Firefox 45+ and Safari 6+