Overview [1]#
A Digital Signature is a mathematical scheme for demonstrating the Authenticity of a digital message or data. Digital Signature is the output (hash) of a Cryptographic Hash Function when applied to a stream of data.
A valid Digital Signature for a message sent from Alice gives Bob a high Level Of Assurance to trust that:
- Authentication - the message was created by a known Alice AND
- Non-Repudiation - that Alice cannot deny having sent the message AND
- Integrity - that the message was not altered since the Digital Signature was applied AND
- Authentication - the message was created by a known Alice (assumes the recipient has a method to know that Alice is the owner of the Public Key)
Digital Signatures are commonly used for Public Key Infrastructure, financial transactions, and in other cases where it is important to detect Authenticity or integrity.[1]
Digital Signatures are based on Public Key cryptography, also known as Asymmetric Key Cryptography.
Digital Signatures and Paper Signatures#
Digital Signature schemes, invented by Diffie and Hellman and formalized by Goldwasser, Micali and Rivest, not only provide the electronic equivalent of signing a paper document with a pen but are also an important building block for many cryptographic protocols such as anonymous voting schemes, e-cash, and Anonymous Credential schemes, to name just a few.
Digital Signature vs. electronic signature#
Unlike Electronic Signatures, Digital Signatures use mathematical algorithms to verify the signer's identity. Electronic Signatures, on the other hand, are simply used to digitally capture a signer's intent to sign. An Electronic Signature may be an electronic mark, symbol, sound or writing.
The major distinction between the two forms of signature is that Digital Signatures use a Public Key Infrastructure (PKI) to identify both the individual signing a document and the other party requesting the signature, while an Electronic Signature does not.
It is worth noting that both Electronic Signatures and Digital Signatures are legally binding. Electronic Signatures are also the most common. Digital Signatures are mostly used in critical financial transactions and transactions that need an extra level of confidentiality and security.
Some signing products use both forms when signing documents.
How Digital Signature works#
Digital Signature requires a Digital Signature Algorithm which includes:
Why Hash Function vs Encryption?#
The reason for encrypting the hash instead of the entire message or document is that a Hash Function converts a Message into a fixed-length value, which is usually much shorter than the Message. Operating on that value is faster and requires less CPU, since hashing is much faster than signing.
Digital Signature Algorithms#
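The hash-then-sign flow described under "Why Hash Function vs Encryption?", as an added example that is not code from the original page: textbook (unpadded) RSA applied to a SHA-256 digest, using only Python's standard library. The key pairs are constructed demo keys and all function names are assumptions; production code uses a padded scheme such as the Probabilistic Signature Scheme from a vetted library.

```python
import hashlib

# Constructed demo key built from two Mersenne primes. It is trivially
# factorable and exists only so the example runs offline.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                       # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))         # private exponent

def digest_int(message: bytes) -> int:
    """Hash Function: any message length in, fixed 32-byte value out."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Signature Generation: the private key is applied to the digest,
    not to the message itself. Unpadded RSA, for illustration only."""
    return pow(digest_int(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Signature Verification: recover the signed digest with the public
    key and compare it with a freshly computed digest of the message."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(message)

def demo() -> dict:
    msg = b"Pay Bob 100 EUR"              # constructed sample message
    sig = sign(msg)
    # Second constructed key pair, standing in for someone who is not Alice.
    p2, q2 = 2**127 - 1, 2**521 - 1
    d2 = pow(E, -1, (p2 - 1) * (q2 - 1))
    forged = sign(msg, d2, p2 * q2)
    big = b"A" * 1_000_000                # 1 MB message, same 32-byte digest size
    return {
        "valid": verify(msg, sig),                       # integrity holds
        "tampered": verify(b"Pay Bob 900 EUR", sig),     # altered after signing
        "wrong_key": verify(msg, forged),                # not Alice's private key
        "large_message": verify(big, sign(big)),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Verification only tells Bob that the holder of the matching private key signed the message; binding that key to Alice still depends on the recipient's method of knowing who owns the Public Key.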
Signatures with efficient protocols#
Signatures with efficient protocols are a form of Digital Signature invented by Jan Camenisch and Anna Lysyanskaya in 2001. In addition to being secure digital signatures, they need to allow for the efficient implementation of two protocols
More Information#
There might be more information for this subject on one of the following:
- Anonymous Credential
- Asymmetric Key
- Asymmetric Key Cryptography
- Authenticode
- Authorization Cross Domain Code 1.0
- Best Practices OpenID Connect
- Block Cipher Mode
- Blockchain
- By-value
- CBOR Object Signing and Encryption
- CL Signature
- CRLSign
- Certificate Algorithm ID
- Certificate Authority
- Certificate Chain
- Certificate Validation
- Certificate-based Authentication
- CertificateVerify
- Ciphers-SUITEB128ONLY
- Client Secret
- ContentCommitment
- Cryptographic Key
- Cryptographic Primitive
- Data Provenance
- Deprecating TLSv1.0 and TLSv1.1
- Diffie-Hellman or RSA
- Digital Key
- Digital Signature Algorithm
- Digital Signature Standard
- DigitalSignature
- Digitally Signed
- DomainKeys Identified Mail
- E-residency
- ES256
- Edwards-curve Digital Signature Algorithm
- Electronic Signatures
- Elliptic Curve
- Encryption
- FIDO
- FIPS 186
- Group Signatures
- Hash Function
- Id_token_signed_response_alg
- Identity Certificate
- Identity Token
- Identity Token Validation
- Identity Toolkit ID Token
- Impersonation-resistant
- JOSE Header
- JSON Web Encryption
- JSON Web Signature
- JSON Web Tokens
- JSON-LD Examples
- Kerberos Error Codes
- Kerberos Service Account
- Key
- Key Life cycle
- Key wrapping
- KeyCertSign
- KeyUsage
- LSA Protection
- Length extension attack
- Linked Data Signatures
- Login_hint_token
- Message Authentication Code
- MimbleWimble
- NIST.SP.800-107
- NSA Suite B Cryptography
- National Identification Number
- Networking and Cryptography library
- Nevis Security Suite
- Non-Repudiation
- NonRepudiation
- OAuth 2.0 Audience Information
- OAuth Dynamic Client Registration Metadata
- OAuth state parameter
- Off-the-Record Messaging
- OpenID Connect Federation
- PKCS 1
- PKCS7
- Plenum Byzantine Fault Tolerant Protocol
- Privilege Management Infrastructure
- Probabilistic Signature Scheme
- RFC 6376
- RSA Cryptography
- RSA key-exchange
- Rich Credential
- Ring Signature
- SAFE-BioPharma
- SASL
- SHA-1
- SUITEB128
- SUITEB192
- Secure MIME
- Self-signed Certificate
- Signature Generation
- Signature Verification
- Signatures with efficient protocols
- Signing key
- Sovrin
- TBSCertificate
- TLS 1.2
- TLS 1.3
- The Simple Public-Key GSS-API Mechanism
- Tink
- Trust Anchor
- Trust Anchor Management Protocol
- U-Prove
- Verifying Certificate Signatures
- W3C Web Crypto API
- Web of Trust
- WebAuthn Attestation
- Why Use Tokens
- [#1] - Digital Signature - based on information obtained 2013-04-10
- [#2] - What Is a Digital Signature and How It Works - based on information obtained 2021-06-17