Digital Signature

A digital signature is a cryptographic technique that allows a person or entity to prove the authenticity and integrity of a digital message, document, or transaction. It functions like a handwritten signature, but in a digital format, ensuring that the message comes from the claimed sender and has not been altered in transit.

How a Digital Signature Works

Digital signatures are based on asymmetric encryption, which uses a pair of keys: a private key (kept secret) and a public key (shared with others).

The Process:

1. Generating the Signature:
   • The sender uses their private key to sign the message or document. A hash function is applied to the document to create a hash value (a unique, fixed-size representation of the content).
   • This hash is then encrypted with the sender’s private key, creating the digital signature.
2. Verifying the Signature:
   • The recipient uses the sender’s public key to decrypt the signature.
   • They also hash the document again and compare this hash value with the decrypted one from the sender’s signature.
   • If the two hash values match, the document is verified as authentic and unaltered.

Signing & Verifying Algorithms Explained

In digital signatures, two key algorithms work together to ensure the authenticity and integrity of digital messages or documents: the signing algorithm and the verifying algorithm. These algorithms are part of the cryptographic process that enables secure digital signatures. They are based on asymmetric cryptography, using a pair of keys—private and public keys.

1. Signing Algorithm:

The signing algorithm is used by the sender (the signer) to generate a digital signature. This algorithm takes as input the message or document that needs to be signed and the signer’s private key. It produces a unique digital signature that is associated with that specific message.

Steps in the Signing Process:

1. Hashing the Message: First, the message (or document) is passed through a hash function (e.g., SHA-256) to produce a message digest. The message digest is a fixed-length representation of the original message, regardless of its size.
2. Signing the Hash: The message digest is then encrypted using the sender’s private key. This encryption process generates the digital signature. The signature is a unique cryptographic proof that can only be produced by the holder of the private key.
3. Sending the Signature and Message: The signer sends the message along with the digital signature to the recipient. The original message is not encrypted (it remains in plain text), but the attached signature ensures its authenticity.

Example:

• Input: Message + Private Key
• Output: Digital Signature

2. Verifying Algorithm:

The verifying algorithm is used by the recipient (or verifier) to check the authenticity of the digital signature. This algorithm takes as input the message, the digital signature, and the signer’s public key. It verifies whether the signature is valid and whether the message was altered.

Steps in the Verification Process:

1. Hashing the Received Message: The recipient runs the received message through the same hash function that was used in the signing process to generate a message digest. This ensures the hash value matches what was originally signed.
2. Decrypting the Signature: The recipient uses the signer’s public key to decrypt the digital signature. The decrypted output should be the original message digest that was created when the message was signed.
3. Comparing Hashes: The recipient compares the hash from step 1 (the hash of the received message) with the decrypted hash from the digital signature. If both hashes match, it proves that the message has not been altered and that the signature is authentic, meaning it was created using the corresponding private key of the public key provided.

Example

• Input: Message + Signature + Public Key
• Output: True/False (Valid or Invalid Signature)

Key Points

• Private Key (Signing): The sender uses their private key to generate the digital signature. The private key is kept secret by the sender.
• Public Key (Verifying): The recipient uses the sender’s public key to verify the digital signature. The public key is openly shared.

Example in Action

• Alice wants to send a message to Bob. She uses her private key to sign the message (producing a digital signature) and sends both the message and the signature to Bob.
• Bob receives the message and the signature. He uses Alice’s public key to verify the signature and ensure that the message hasn’t been tampered with and really came from Alice.

ELI5 (Explain Like I’m 5)

• Signing Algorithm: It’s like putting a secret seal on a letter with your personal stamp (private key) so the person who gets it knows it’s from you.
• Verifying Algorithm: The person who gets the letter (public key) uses a special tool to check if the stamp matches and if the letter hasn’t been messed with, proving you really sent it and nothing was changed.

In summary, the signing algorithm ensures the authenticity of a message by creating a unique digital signature using the sender’s private key, while the verifying algorithm ensures that this signature is valid and that the message has not been altered, using the sender’s public key.

Key Properties of Digital Signatures

1. Authentication: The digital signature proves that the message or document came from the expected sender, who holds the corresponding private key.
2. Integrity: If even a single character in the document is altered, the hash will not match, and the digital signature will no longer be valid. This ensures the integrity of the document.
3. Non-repudiation: Once the sender has digitally signed a message, they cannot later deny having signed it. The digital signature links the sender to the document uniquely and verifiably.

Example in Blockchain (e.g., Cardano)

In blockchain systems like Cardano, digital signatures are critical for securing transactions. When a user initiates a transaction, they sign it using their private key. The blockchain verifies the transaction using the sender’s public key. This ensures that:

• The transaction was authorized by the rightful owner of the funds (authentication).
• The transaction data has not been tampered with (integrity).

Real-World Analogy

A digital signature is like a notarized stamp on a document that certifies both the authenticity of the person who signed it and that the document hasn’t been altered since it was signed.

ELI5 (Explain Like I’m 5)

A digital signature is like a special seal that only you can make because you have a secret stamp (private key). When you put this seal on something (like a digital letter), everyone else can check it with a public stamp (public key) to see that it really came from you and that no one has changed it. It’s a way to make sure your message is both real and untampered with!