What is Digital Signature and how it works?
It is a mathematical stream for demonstrating the authenticity of Digital Signature or documents. A valid signature gives a receipt reason to believe that the message was created by a known sender such that the sender cannot deny having sent the message and the message was not altered in transit.
Digital Signature is commonly used for:-
- Software Distribution
- Finaciall Transaction
And in other cases where it is important to detect forgery. The digitally signed message may be anything representable as a big string. For example, electronic mail, Constructs, or a message sent by such other cryptographic protocol.
Algorithim Used in Digital Signature:
- Key Generation Algorithim: This Algorithim selects a private key randomly from a set of possible private key’s . The Algorithim outputs the private and co-oresponding public key.
- Signing Algorithim: Here message and a private key are provided it produces a signature.
- Signature Verification Algorithim: In this algorithim message public key & signature are provided. This algorithim either excepts or rejects the message based on verification
Purpose of Digital Signature:
- Authentication
- Integrity
- Non-Repudiation
Who issues the Digital Signature Certificate?
A licensed certifying authority (CA) issues the digital signature certificate. CA means a person who has been granting a license to issue a certificate under section 24 of the Indian IT act 2000 the list of licensed CAs along with their contact information available on the government portal. The validity of a digital certificate is 1 or 2 yrs. The time taken by CAs to issue DSE may vary from 3 to 7 days.
Role of Digital Certificate in “Message Authentication “:
It is a message digest used to cryptographically sign a message which relies on asymmetric or public-key cryptography. we know that to create it, you sign the message with your private key. It then becomes part of a message. This has two effects:-
- Any changes to the message can be deteched, qwing to the message digest algorithim.
- You cannot deny signing the message, because it was signed with your private key.
Message integrity and non-repudiation make it a very useful component in message authentication.