How do we create a Digital Signature?

The creation of a Digital Signature is a complex mathematical process. However as the complexities of the process are computed by the computer, applying a Digital Signature is no more difficult that creating a handwritten one!

The following process illustrates in general terms the processes behind the generation of a Digital Signature:

1. Alice clicks 'sign' in her email application or selects which file is to be signed.
2. Alice's computer calculates the 'hash' (the message is applied to a publicly known mathematical hashing function that coverts the message into a long number referred to as the hash).
3. The hash is encrypted with Alice's Private Key (in this case it is known as the Signing Key) to create the Digital Signature.
4. The original message and its Digital Signature are transmitted to Bob.
5. Bob receives the signed message. It is identified as being signed, so his email application knows which actions need to be performed to verify it.
6. Bob's computer decrypts the Digital Signature using Alice's Public Key.
7. Bob's computer also calculates the hash of the original message (remember - the mathematical function used by Alice to do this is publicly known).
8. Bob's computer compares the hashes it has computed from the received message with the now decrypted hash received with Alice's message.

Represented diagrammatically

If the message has remained integral during its transit (i.e. it has not been tampered with), when compared the two hashes will be identical.

However, if the two hashes differ when compared then the integrity of the original message has been compromised. If the original message is tampered with it will result in Bob's computer calculating a different hash value. If a different hash value is created, then the original message will have been altered. As a result the verification of the Digital Signature will fail and Bob will be informed.

Was this answer helpful?

 Print this Article

Also Read

How SSL works?

Internet merchants wanting to use the system get an SSL Certificate. The Certificate is...

What is SSL?

SSL is Secure Socket Layer (and its latest update TLS, Transport Layer Security) was...

What is it supposed to provide?

OK, now I see the padlock, what does it really mean? All it means is that you have an...

What is PKI?

Public Key Infrastructure (PKI) refers to the technical mechanisms, procedures and policies...

Different types of Digital Certificate

Dependent on their usage Digital Certificates are available in a number of different types:...